Bugtraq mailing list archives

Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS

From: Andreas Schmitz <stranger () sammael tabu stw-bonn de>
Date: Sat, 28 Jul 2001 00:39:55 +0200

Brian Dinello wrote:

Please let me know if you duplicate this success on any other platforms.


I have a success, but no vulnerability on Apache 1.3.9 running on
Debian/GNU Linux potato (2.2). Like Uday Moorjani I just get my default
Apache page. I don't thing I miscounted the /es, cut'n'waste is mostly
quite reliable ;-)

Andreas

Current thread:

RE: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS Brian Dinello (Jul 27)
- Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS Andreas Schmitz (Jul 28)
- Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS Phil Stracchino (Jul 28)
  - Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS peter . allen (Jul 28)
    - Re: Apache Artificially Long Slash Path Directory ListingVulnera bility -- FILE READ ACCESS Ken (Jul 30)
    - Re: Apache Artificially Long Slash Path Directory ListingVulnera bility -- FILE READ ACCESS Seva Gluschenko (Jul 31)
- RE: Apache Artificially Long Slash Path Directory Listing Vulnerability -- FILE READ ACCESS Chip McClure (Jul 28)