Forum OpenACS Q&A: Response to AOLserver 3.0 vulnerability
2: Response to AOLserver 3.0 vulnerability (response to 1)
Posted by Jonathan Marsden on 08/23/01 07:41 PM
The link you provided seems broken. I think you meant
FYI: AOLserver 3.0 vulnerability: http://www.arsdigita.com/bboard/q-and-a-fetch-msg?msg_id=000hNB
However, the exploit script therein causes no damage at all when run against my local OpenACS 3.2.5 installation, which uses AOLserver 3.3+ad13.
Is it possible that this problem was fixed in AOLserver 3.3 as well as in 3.3.1?