Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
From: terry white <twhite () aniota com>
Date: Tue, 13 Aug 2013 04:37:58 -0700 (PDT)


... ciao:

: on "8-13-2013" "Reindl Harald" writ:
: >> and so stop trying to be a smartass in topics you are clueless
: >
: > Please no personal insults

: truth != insult

   it is perhaps just me, but when i see "smartass" in an otherwise 
reasoned dialogue, "the TRUTH", is seldom if ever, my first thought.  what 
is, is a weakness in position; either with the position taken, or an 
inability to handle the frustration of holding it.
 
   in addition, clueless as a delimiter, is not absolute in discussion.  
there are times, when expertise blinds its holder to an obvious but 
counter intuitive point of view. 

   for example, i lay claim to being the icon of "clueless" when it comes 
to 'php'. i did however, "NOTICE" all the security problems showing up in 
regard to it.  AND was able to figure out, it a "RISK", no matter ""which"" 
'webserver' it services.  if i'd known more, i too, could have "blamed" 
apache ...


... it's not what you see ,
    but in stead , notice ...


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault