Hello,Fred Weston !
yes, maybe a little problem. but however, it is a problem.
I think about it , maybe to modify the sources of mini_httpd?
¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡keqian at zhsoft dot org
======= 2004-05-03 03:19:00 you was wroted:=======
>Xu Keqian wrote:
>> this bug may be using by hostility person. It's a hidden trouble.
>Let me jump in and say that this is probably not directly related to
>m0n0wall. It is more likely a problem with mini_httpd or php, if it is
>indeed a problem. In order for someone to exploit this problem, they
>would need to have access to the webGUI. They first need to get on the
>inside of your network and then they need the management password. If
>PHP works the same way ASP and IIS does, then the script interpreter is
>not invoked until authentication has occured.
>DaytonaWAN Networks, Inc.
= = = = = = = = = = = = = = = = = = = =