Bugtraq mailing list archives
Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS
From: Phil Stracchino <alaric () babcom com>
Date: Fri, 27 Jul 2001 15:43:59 -0700
On Fri, Jul 27, 2001 at 06:12:11PM -0400, Brian Dinello wrote:
As we don't have access to all versions of Apache on all platforms, I can't say for certain that this will work on all of them. The version that we have successfully tested on with 100% consistency is Apache 1.3.12 on NT4. Please let me know if you duplicate this success on any other platforms.
I was unable to reproduce it on Apache 1.3.20/PHP4.0.6/mysql-3.23.36 on Slackware 7.0. -- Linux Now! ..........Because friends don't let friends use Microsoft. phil stracchino -- the renaissance man -- mystic zen biker geek alaric () babcom com halmayne () sourceforge net 2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold)
Current thread:
- RE: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS Brian Dinello (Jul 27)
- Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS Andreas Schmitz (Jul 28)
- Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS Phil Stracchino (Jul 28)
- Re: Apache Artificially Long Slash Path Directory Listing Vulnera bility -- FILE READ ACCESS peter . allen (Jul 28)
- RE: Apache Artificially Long Slash Path Directory Listing Vulnerability -- FILE READ ACCESS Chip McClure (Jul 28)