Security hole in httpd?
Rich Felker
dalias at aerifal.cx
Tue Nov 7 22:12:20 UTC 2006
On Tue, Nov 07, 2006 at 01:28:33PM -0500, Rob Landley wrote:
> Somebody on IRC was a bit concerned about the security hole in httpd:
>
> http://bugs.busybox.net/view.php?id=1008
While this is a stupid vuln that should never have been introduced to
begin with, the severity is..... well if you have passwords stored in
a world-readable file and expect any degree of security you're fooling
yourself. :)
Rich
More information about the busybox
mailing list