oss-sec mailing list archives
Re: nginx world-readable logdir
From: Henri Salo <henri () nerv fi>
Date: Fri, 22 Feb 2013 10:49:38 +0200
On Fri, Feb 22, 2013 at 01:41:50AM -0700, Kurt Seifried wrote:
So I think that ${subject} is just a misconfiguration.Welp I confirmed it on Fedora 16. So at least some things are affected.
Some distros are affected. Good to hear not all are. This is not just misconfiguration. -- Henri Salo
Current thread:
- Re: nginx world-readable logdir, (continued)
- Re: nginx world-readable logdir Henri Salo (Feb 21)
- CVE request: nginx world-readable logdir Henri Salo (Feb 21)
- Re: CVE request: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: CVE request: nginx world-readable logdir Anders Petersson (Feb 21)
- Re: CVE request: nginx world-readable logdir Anders Petersson (Feb 21)
- Re: CVE request: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: CVE request: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: nginx world-readable logdir gremlin (Feb 22)
- Re: nginx world-readable logdir Kurt Seifried (Feb 22)
- Re: nginx world-readable logdir Henri Salo (Feb 22)
- Re: nginx world-readable logdir gremlin (Feb 22)
- nginx CVE-2013-0337 world-readable logs gremlin (Feb 23)
- Re: nginx CVE-2013-0337 world-readable logs Kurt Seifried (Feb 24)