Bugtraq mailing list archives
Re: Insecure XML-RPC handling in Zope reveals the distribution physic al location.
From: BlueRaven <blueraven () libero it>
Date: Mon, 7 Oct 2002 10:26:37 +0200
On Tue, Oct 01, 2002 at 09:57:27AM -0400, Rossen Raykov wrote:
A request like the quoted below will cause Zope to produce stack traces in the response that will reveal the information mentioned above.
The same is if you try to access the manage interface and, after a failed login, click Cancel: the stack trace includes the full path infos. Verified on a 2.5.1 (stable) installation. -- BlueRaven There are only 10 types of people in this world... those who understand binary, and those who don't.
Current thread:
- Insecure XML-RPC handling in Zope reveals the distribution physic al location. Rossen Raykov (Oct 01)
- Re: Insecure XML-RPC handling in Zope reveals the distribution physic al location. BlueRaven (Oct 07)