Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS

From: Phil Stracchino (alaricat_private)
Date: Fri Jul 27 2001 - 15:43:59 PDT

  • Next message: Chip McClure: "RE: Apache Artificially Long Slash Path Directory Listing Vulnerability -- FILE READ ACCESS" 

    On Fri, Jul 27, 2001 at 06:12:11PM -0400, Brian Dinello wrote:
> 
> 
> As we don't have access to all versions of Apache on all platforms, I can't
> say for certain that this will work on all of them.  The version that we
> have successfully tested on with 100% consistency is Apache 1.3.12 on NT4.  
> 
> Please let me know if you duplicate this success on any other platforms.

I was unable to reproduce it on Apache 1.3.20/PHP4.0.6/mysql-3.23.36 on 
Slackware 7.0.


-- 
 Linux Now!   ..........Because friends don't let friends use Microsoft.
 phil stracchino   --   the renaissance man   --   mystic zen biker geek
        alaricat_private                halmayneat_private
   2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold)

    This archive was generated by hypermail 2b30 : Fri Jul 27 2001 - 19:37:16 PDT