People mis-configure Apache all the time. They leave their site wide open for attack. They're vulnerable.
Saying it's not a vulnerability when 3,000 sites all have their source code visible to the world is like having your arm chopped off and saying "no it isn't, it's just a flesh wound."
I know it's not a cool remote root buffer overflow exploit hat trick 540 front side flip, but it's a security hole which people need to be educated about.
Saying it's not a vulnerability when 3,000 sites all have their source code visible to the world is like having your arm chopped off and saying "no it isn't, it's just a flesh wound."
I know it's not a cool remote root buffer overflow exploit hat trick 540 front side flip, but it's a security hole which people need to be educated about.