Re: blogtorrent remote/local user password disclosure

trashtrash_at_free.fr
Date: 07/14/05

  • Next message: Thierry Carrez: "[ GLSA 200507-13 ] pam_ldap and nss_ldap: Plain text authentication leak" 
    Date: 14 Jul 2005 05:55:54 -0000
To: bugtraq@securityfocus.com
    ('binary' encoding is not supported, stored as-is) The proposed fix does not work.
    How about placing a .htaccess with deny from all in the data and torrents directories ?

    I'm not sure that there is a vulnerability. My version of blogtorrent (<0.92) has automatically created the .htaccess...

  • Next message: Thierry Carrez: "[ GLSA 200507-13 ] pam_ldap and nss_ldap: Plain text authentication leak"

    Relevant Pages

    • Re: How to stop? 64.62.136.194 Twiceler www.cuill.com
      ... I have changed the .htaccess as Alain suggested ... deny from 64.62.136. ... which made Twiceler block all traffic for a few minutes, baah even ...
      (alt.internet.search-engines)
    • Re: Apache issue
      ... > upgrading to a new version of Apache (I configured only the new httpd.conf ... I'm bypassing all of them (.htaccess and ip list specification). ... Deny as default from all, ...
      (Focus-Linux)
    • Re: How to stop bot postings to guestlog??
      ... .htaccess is not supported/used under Windows IIS. ... FrontPage Resources, WebCircle, MS KB Quick Links, etc. ... > deny from 212.56. ... >>>> posts for obvious spam that look to be computer generated. ...
      (microsoft.public.frontpage.client)
    • Re: Bookmark4U Remote File Include
      ... The inc directory is filtered with .htaccess (Deny from all). ... vulnerable code though:) ... Remote: Yes ...
      (Bugtraq)
    • Quantcast