[14134] in bugtraq
Re: [Serv-U] Re: Serv-U FTP-Server v2.4a showing real path
daemon@ATHENA.MIT.EDU (Rob Beckers)
Thu Mar 2 00:30:57 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <2717700816.951905473@[192.168.0.3]>
Date: Wed, 1 Mar 2000 10:11:13 -0500
Reply-To: Rob Beckers <Rob@CAT-SOFT.COM>
From: Rob Beckers <Rob@CAT-SOFT.COM>
X-To: serv-u@cat-soft.com, Berk Ulsoy <berk@MUTEK.ORG.TR>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <38BC9012.4593C4FF@urban-a.net>
--On Tuesday, February 29, 2000 10:31 PM -0500 "x-empt ( lvhc / lou )"
<lvhc@urban-a.net> wrote:
> I was not able to reproduce this issue in any form on version 2.4a using
> the "Show path relative to home directory" option.
>
> x-empt
>
> Berk Ulsoy wrote:
>
>> Actually this is not a bug, but a nasty thing
>> if you request a wrong dir from Serv-U FTP-Server v2.4a, it will return
>> the full physical path of the disk.
>
I have not tested this on v2.4a (and am not going to), so I can't confirm
nor deny it. Either way, v2.4a is a *very* old release and should not be
used any more in a production environment. The current release is v2.5d,
available from ftp://ftp.cat-soft.com/
I have tested the above with v2.5d and it will *not* show full paths when
the "show paths relative to home dir" option is enabled in the 'setup -
users - misc' menu selection. Anyone with a license for an older version of
Serv-U can upgrade for free by simply downloading v2.5d and running the
setup program.
Rob
-/-
--- This message was entirely written using recycled electrons ---
All about FTP Serv-U v2.5d: http://www.ftpserv-u.com
FTP Serv-U list: http://www.ftpserv-u.com/helpdesk/mailinglist.htm
------------------------------------------------------------------
