Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS

From: Andreas Schmitz (strangerat_private-bonn.de)
Date: Fri Jul 27 2001 - 15:39:55 PDT

Next message: Jake Luck: "solaris in.lpd patch where/when?"

Previous message: Keith Warno: "Re: UDP packet handling weird behaviour of various operating systems"
In reply to: Brian Dinello: "RE: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Brian Dinello wrote:

> Please let me know if you duplicate this success on any other platforms.

I have a success, but no vulnerability on Apache 1.3.9 running on
Debian/GNU Linux potato (2.2). Like Uday Moorjani I just get my default
Apache page. I don't thing I miscounted the /es, cut'n'waste is mostly
quite reliable ;-)

Andreas

Next message: Jake Luck: "solaris in.lpd patch where/when?"
Previous message: Keith Warno: "Re: UDP packet handling weird behaviour of various operating systems"
In reply to: Brian Dinello: "RE: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jul 27 2001 - 19:49:26 PDT