-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Problem: An anonymous user can see the listing of the current and parent directory of CommuniGatePro WebUser directory. Vulnerable: All current versions of CommuniGatePro <= 4.0b4 Details: You can get the listing of directory by accessing the CommuiGatePro webmail for example http://host.com/. or http://host.com/.. Vendor Response: "Thanks for telling, we'll fix it. Fortunately it's not a security hole since there's no write access, the contents of that directory is of no interest and other directories are not accessible this way." -----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wl4EARECAB4FAj0hQH0XHGMwcnJlY3QwckBodXNobWFpbC5jb20ACgkQ3UKq03kicjSo mgCguaeWoJfXGgL+trYOBu09bmB2T5sAn3rQ6LuLftsLd1OlXXhbgETd34Ci =a0ah -----END PGP SIGNATURE----- Communicate in total privacy. Get your free encrypted email at https://www.hushmail.com/?l=2 Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople
This archive was generated by hypermail 2b30 : Tue Jul 02 2002 - 13:40:23 PDT