could somone post some of the output (These file names)? -----Original Message----- From: HarryM [mailto:harrym@the-group.org] Sent: Monday, February 04, 2002 2:43 AM To: Blue Boar; Kartik Shinde Cc: vuln-devat_private Subject: Re: Reported Kazaa and Morpheus vulnerabilities > Well, I think that's what the original poster was getting at. Anyone > here tried the usual .. bugs and so on? (Either successfully or not, > we'd like to know.) > Exactly. The BBC article claims that someone has, but there's no mention of it on CERT or Securityfocus. I mean obviously if there is one it may not have been posted about.. But I thought someone might have heard something. Certainly simple things such as appending /../ or /..../ to the end of the url don't work, but those funky numeric folder names must mean something. Harry M
This archive was generated by hypermail 2b30 : Mon Feb 04 2002 - 11:51:49 PST