[21948] in bugtraq
RE: Apache Artificially Long Slash Path Directory Listing Vulnerability -- FILE READ ACCESS
daemon@ATHENA.MIT.EDU (Chip McClure)
Fri Jul 27 22:41:30 2001
From: "Chip McClure" <vhm3@hades.dnsalias.net>
To: "Brian Dinello" <brian.dinello@vigilantminds.com>,
"'Moorjani uday'" <moorjani@svenson.gp>, <bugtraq@securityfocus.com>
Date: Fri, 27 Jul 2001 15:46:12 -0700
Message-ID: <BBECIJOPOCKPJNAJBGAMMEAHCAAA.vhm3@hades.dnsalias.net>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
In-Reply-To: <9B515520AA3CD411B36900508B6636B508F8C9BC@mi8nycmail02.mi8.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I've tested it unsucessfully on the following platforms:
Apache 1.3.12 & 1.3.14 on Solaris 2.6
Apache 1.3.12 & 1.3.16 on Linux (RedHat 6.2)
Apache 1.3.16 on RedHat 7.1
Apache 1.3.19 on FreeBSD 4.2 & 4.3
No matter how many slashes I append to the string, I still come up
with the correct page. My guess, is that is an Apache / NT thing.
Chip
- -----Original Message-----
From: Brian Dinello [mailto:brian.dinello@vigilantminds.com]
Sent: Friday, July 27, 2001 3:12 PM
To: 'Moorjani uday'; 'bugtraq@securityfocus.com'
Subject: RE: Apache Artificially Long Slash Path Directory Listing
Vulnerability -- FILE READ ACCESS
As we don't have access to all versions of Apache on all platforms, I
can't
say for certain that this will work on all of them. The version that
we
have successfully tested on with 100% consistency is Apache 1.3.12 on
NT4.
Please let me know if you duplicate this success on any other
platforms.
Brian
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
iQA/AwUBO2Hu84xq/3tb9j7EEQKnUACcDV64aBwjumYip/FSyMnz+57rX+UAn3R1
f+TwY+lgwn3sKPYw3Thyj0RD
=98Xb
-----END PGP SIGNATURE-----
