> Actually this is not a bug, but a nasty thing > if you request a wrong dir from Serv-U FTP-Server v2.4a, it will > return the full physical path of the disk. Yes, but Apache does the same thing with various error conditions too (atleast 1.3.6 does) unless you chroot it. It's not a serious security bug.. not without an exploit to team up with it. ~ Signal 11
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:38:31 PDT