[23095] in bugtraq
Re: IBM AS/400 HTTP Server '/' attack
daemon@ATHENA.MIT.EDU (Thor@HammerofGod.com)
Fri Nov 9 02:20:15 2001
From: Thor@HammerofGod.com
To: BUGTRAQ@securityfocus.com
Message-Id: <5.1.0.14.0.20011108140305.00b15428@192.168.3.190>
Date: Thu, 08 Nov 2001 14:03:54 -0800
Mime-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Since I reported this "non-security" bug so long ago I hope it is fixed
> through the regular set of changes. I cannot confirm this bug was fixed.
> As far as I know this vulnerability was not yet reported to the public.
JD Glaser and Saumil Shah (Foundstone) covered this in their Blackhat
Session in Hong Kong. I would think that the materials would be on the
Blackhat site (www.blackhat.com) at this point if you wanted to check them out.
AD
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1
iQA/AwUBO+sBSohsmyD15h5gEQKKBQCgrMT7uTCR0JYv47L1SzSb7/lA1cUAoMGq
91VNuoD4NNYuB2Vp080Fh4nI
=7ZNB
-----END PGP SIGNATURE-----
