BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: Oracle 10g Dynamic Monitoring Services XSS /servlet/Spy Sep 05 2008 04:43PM
dstinbox gmail com
I ran accross your post,

can you tell me how to harden the config file against this

would this do it ?

<Directory "<Directory "E:\infra\ ...">

AllowOverride None

Options None

Order deny,allow

Deny from all

Allow from localhost

</Directory>
...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus