Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS
From: Andreas Schmitz (stranger@sammael.tabu.stw-bonn.de)Date: 07/28/01
- Previous message: Stephen Cope: "Re: Apache Artificially Long Slash Path Directory Listing Vulnerabili ty -- FILE READ ACCESS"
- In reply to: Brian Dinello: "RE: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 28 Jul 2001 00:39:55 +0200 To: Bugtraq <bugtraq@securityfocus.com> Subject: Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS Message-ID: <20010728003955.A3565@sammael.tabu.stw-bonn.de> From: Andreas Schmitz <stranger@sammael.tabu.stw-bonn.de>
Brian Dinello wrote:
> Please let me know if you duplicate this success on any other platforms.
I have a success, but no vulnerability on Apache 1.3.9 running on
Debian/GNU Linux potato (2.2). Like Uday Moorjani I just get my default
Apache page. I don't thing I miscounted the /es, cut'n'waste is mostly
quite reliable ;-)
Andreas
- Previous message: Stephen Cope: "Re: Apache Artificially Long Slash Path Directory Listing Vulnerabili ty -- FILE READ ACCESS"
- In reply to: Brian Dinello: "RE: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
