[21953] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS

daemon@ATHENA.MIT.EDU (Andreas Schmitz)
Fri Jul 27 23:09:58 2001

Date: Sat, 28 Jul 2001 00:39:55 +0200
To: Bugtraq <bugtraq@securityfocus.com>
Message-ID: <20010728003955.A3565@sammael.tabu.stw-bonn.de>
Mail-Followup-To: stranger@sammael.tabu.stw-bonn.de,
	Bugtraq <bugtraq@securityfocus.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <9B515520AA3CD411B36900508B6636B508F8C9BC@mi8nycmail02.mi8.com>; from brian.dinello@vigilantminds.com on Fri, Jul 27, 2001 at 06:12:11PM -0400
From: Andreas Schmitz <stranger@sammael.tabu.stw-bonn.de>

Brian Dinello wrote:

> Please let me know if you duplicate this success on any other platforms.

I have a success, but no vulnerability on Apache 1.3.9 running on
Debian/GNU Linux potato (2.2). Like Uday Moorjani I just get my default
Apache page. I don't thing I miscounted the /es, cut'n'waste is mostly
quite reliable ;-)

Andreas


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[21953] in bugtraq

Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS

daemon@ATHENA.MIT.EDU (Andreas Schmitz)Fri Jul 27 23:09:58 2001

daemon@ATHENA.MIT.EDU (Andreas Schmitz)
Fri Jul 27 23:09:58 2001