[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Oracle 10g Dynamic Monitoring Services XSS /servlet/Spy

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Oracle 10g Dynamic Monitoring Services XSS /servlet/Spy
From: dstinbox@xxxxxxxxx
Date: 5 Sep 2008 16:43:12 -0000

I ran accross your post,
can you tell me how to harden the config file against this
 
would this do it ?
 
<Directory "<Directory "E:\infra\ ...">
        AllowOverride None
        Options None
        Order deny,allow
        Deny from all
  Allow from localhost
</Directory>

Prev by Date: Google Chrome 0.2.149.27 'SaveAs' Function Buffer Overflow Vulnerability
Next by Date: [ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability
Previous by thread: Google Chrome 0.2.149.27 'SaveAs' Function Buffer Overflow Vulnerability
Next by thread: [ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability
Index(es):
- Date
- Thread