Re: Re: [m0n0wall] big bug! persistence reload web interface too quickly,m0n0wall will down!

From:	"Xu Keqian"<keqian at zhsoft dot org>
To:	"m0n0wall" <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: Re: [m0n0wall] big bug! persistence reload web interface too quickly,m0n0wall will down!
Date:	Mon, 3 May 2004 15:27:08 +0800

Hello,Fred Weston !

	yes, maybe a little problem. but however, it is a problem.
	I think about it , maybe to modify the sources of  mini_httpd?


¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡Xu Keqian
¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡keqian at zhsoft dot org
¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡2004-05-03


======= 2004-05-03 03:19:00 you was wroted:=======

>Xu Keqian wrote:
>
>>hello,KH Lau
>>	
>>    this bug may be using by hostility person. It's a hidden trouble.
>>
>>  
>>
>Let me jump in and say that this is probably not directly related to
>m0n0wall. It is more likely a problem with mini_httpd or php, if it is
>indeed a problem. In order for someone to exploit this problem, they
>would need to have access to the webGUI. They first need to get on the
>inside of your network and then they need the management password. If
>PHP works the same way ASP and IIS does, then the script interpreter is
>not invoked until authentication has occured.
>
>-- 
>Fred Weston
>DaytonaWAN Networks, Inc.
>www.DaytonaWAN.com
>
>

= = = = = = = = = = = = = = = = = = = =