Full Disclosure mailing list archives
Re: unarj dir-transversal bug (../../../..)
From: <doubles () hush com>
Date: Mon, 11 Oct 2004 04:10:07 -0700
On Mon, 11 Oct 2004 03:38:38 -0700 Chris Umphress <umphress () gmail com> wrote:
That was certainly a useful explanation. Isn't stuff on this list supposed to be readable? Anyhow, if I'm reading what you've said correctly, it's supposed to work that way. Most programs pass the "../" (or "..\") to the OS to handle.
http://www.google.com/search?q=%22directory+traversal%22&meta= doubles Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- unarj dir-transversal bug (../../../..) doubles (Oct 11)
- Re: unarj dir-transversal bug (../../../..) Chris Umphress (Oct 11)
- <Possible follow-ups>
- Re: unarj dir-transversal bug (../../../..) doubles (Oct 11)
- Re: unarj dir-transversal bug (../../../..) Chris Umphress (Oct 11)
- Re: unarj dir-transversal bug (../../../..) evilninja (Oct 11)
- Re: unarj dir-transversal bug (../../../..) Chris Umphress (Oct 11)
- Re: unarj dir-transversal bug (../../../..) evilninja (Oct 12)
- Re: unarj dir-transversal bug (../../../..) Chris Umphress (Oct 12)
- Re: unarj dir-transversal bug (../../../..) Christian Kujau (Oct 12)
- Re: unarj dir-transversal bug (../../../..) Chris Umphress (Oct 11)
- Re: unarj dir-transversal bug (../../../..) evilninja (Oct 12)
- Re: unarj dir-transversal bug (../../../..) Cedric Blancher (Oct 12)
- Re: [OT] unarj dir-transversal bug (../../../..) evilninja (Oct 12)