John R Pierce
pierce at hogranch.com
Sun Jul 17 16:21:38 UTC 2011
On 07/17/11 1:24 AM, Ljubomir Ljubojevic wrote:
> If you check the frequency of Apache (httpd) security bugs on CentOS
> 5.x, I think you will see several Denial Of Service bugs, but only one
> or two that would allow code execution. And bug reports for Apache are
> made to secure mailing list so rest of the world is not aware of them
> until they are already fixed.
> So I would not be overly concerned about HTTP tunneling attacks.
most successful exploits of 'nix web servers involve poorly implemented
user code, such as exploitable PHP, perl cgi, etc, things that allow sql
insertion attacks, etc etc.
john r pierce N 37, W 122
santa cruz ca mid-left coast
More information about the CentOS