[WebDNA] PCI fubar

This WebDNA talk-list message is from

2012


It keeps the original formatting.
numero = 109170
interpreted = N
texte = I have a server running apache1.3 and webdna 6.0a. After PCI testing I = recieved a series of issues that had to be addressed. I was able to = mitigate all of them save 1.=20 Apache HTTP Server httpOnly Cookie Information Disclosure It seems apache1.3 is vulnerable to this attack and the only way to pass = is to upgrade to apache2.2.2.=20 So just a few questions.=20 Can I run apache2.2 under tiger 10.4? I assume yes.=20 does the webdna module have to be upgraded?=20 if so what version? What issues can I expect?=20 Do I need to just rebuild the server under leopard 10.5= Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] PCI fubar (Donovan Brooke 2012)
  2. Re: [WebDNA] PCI fubar (Donovan Brooke 2012)
  3. Re: [WebDNA] PCI fubar (Donovan Brooke 2012)
  4. Re: [WebDNA] PCI fubar (Donovan Brooke 2012)
  5. Re: [WebDNA] PCI fubar (christophe.billiottet@webdna.us 2012)
  6. Re: [WebDNA] PCI fubar (Robert Minor 2012)
  7. [WebDNA] PCI fubar (Robert Minor 2012)
I have a server running apache1.3 and webdna 6.0a. After PCI testing I = recieved a series of issues that had to be addressed. I was able to = mitigate all of them save 1.=20 Apache HTTP Server httpOnly Cookie Information Disclosure It seems apache1.3 is vulnerable to this attack and the only way to pass = is to upgrade to apache2.2.2.=20 So just a few questions.=20 Can I run apache2.2 under tiger 10.4? I assume yes.=20 does the webdna module have to be upgraded?=20 if so what version? What issues can I expect?=20 Do I need to just rebuild the server under leopard 10.5= Robert Minor

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[OT] Half completed orders (2005) [WebDNA] v.7 and eCommerce (2012) WebCat2b12 Mac.acgi--[searchstring] bug (1997) taxrate - off by 1 cent (1997) [WebDNA] [table] and COMMA in a Field (2015) WebCat2b13MacPlugIn - syntax to convert date (1997) 2.01 upgrade problems (1997) payflowpro problem #2 (2003) exclamation mark... (1999) Faxing orders in place of email (1997) Re:What file? (1997) Help! WebCat2 bug (1997) Whats wrong with this code? (1998) RE: WebCatalog2 for NT Beta Request (1997) problems with 2 tags (1997) A sendmail warning (2005) Great product and great job ! (1997) RAM variables (1997) WebCat editing, SiteGuard WAS:SiteAssociative lookup style? (1997) Random question (1998)