Vulnerability Development mailing list archives
Re: CGI source being exposed using "~"
From: buanzox () USA NET (Arturo Busleiman)
Date: Mon, 8 May 2000 12:17:22 -0300
On Sun, 7 May 2000, Nathan Einwechter wrote:
Hello all,
hi nat!
This is obviously a problem, but why is it occuring? As far as I can tell, the server is running on Apache 1.3.9 (linux).
well, I'm running Apache 1.3.9 PHP 3.0.14 (Linux), I tested by using $ lynx localhost/cgi-bin/test-cgi~ I got a 403/Forbidden response. Just to check, I listed it's permissions and ownership: -rwxr-xr-x 1 nobody nogroup 757 Feb 11 18:22 test-cgi*
PS Please do not stereotype people whome are teenagers, and interested in security as "Crackers" or "Script Kiddies" as many of us are not.
Motion Seconded! I'm 18 years old, and since 12 that I'm concerned with security, but as I had always investigated by myself (I first installed linux 5 years ago and I have previously programmed and read all by myself ) without asking questions, that's why they never mmmmm shut me up. The administrators of various important argentinan ISPs and government sites now qualify me as a white hat hacker, and it makes me really happy. *> Get PGP KEY: use pgpk -a hkp://horowitz.surfnet.nl/buanzox () usa net *> Lista social de mail. Envia e-mail en blanco a lsb-subscribe () egroups com *> Panic? My kernel doesn't panic! We are doomed! DustDustDust!!!!
Current thread:
- Re: CGI source being exposed using "~", (continued)
- Re: CGI source being exposed using "~" Jonathan Williams (May 07)
- Re: CGI source being exposed using "~" Brian Hatch (May 07)
- Re: CGI source being exposed using "~" Richard Stevenson (May 07)
- Re: CGI source being exposed using "~" Pete Krawczyk (May 07)
- Re: CGI source being exposed using "~" phi-vuldev () EXORSUS NET (May 07)
- Re: CGI source being exposed using "~" Andrew Reisse (May 07)
- Re: CGI source being exposed using "~" Pavel Kankovsky (May 09)
- Re: CGI source being exposed using "~" javier (May 07)
- Re: CGI source being exposed using "~" Joe (May 08)
- Re: CGI source being exposed using "~" Bluefish (May 09)
- Re: CGI source being exposed using "~" Arturo Busleiman (May 08)
- Re: CGI source being exposed using "~" Jordan Dimov (May 08)
- Re: CGI source being exposed using "~" Adam Clarke (May 08)
- Re: CGI source being exposed using Labu Labi (May 08)
- Re: CGI source being exposed using "~" Jeremy Gaddis (May 07)
- Re: CGI source being exposed using "~" Irwan Shahrin Ismail (May 07)
- Re: CGI source being exposed using "~" George Capehart (May 08)
- Re: CGI source being exposed using "~" Brian McKinney (May 08)
- Re: CGI source being exposed using "~" Joe (May 09)
- Alternative ways of IP spoofing? Max.P (May 09)
- Re: Alternative ways of IP spoofing? Justin Randall (May 09)
(Thread continues...)