Bugtraq mailing list archives

Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/")

From: Dave Weis <djweis () sjdjweis com>
Date: Mon, 9 Feb 2004 13:48:18 -0600 (CST)


On 5 Feb 2004, Wang Yun wrote:

TOPIC: ====== Apache + Resin Reveals JSP Source Code to Remote Users And
Any Users Can Access Resin Forbidden Directory ("/WEB-INF/")


This doesn't seem to affect Solaris or Linux installations of Apache & 
Resin.

dave

-- 
Dave Weis             "I believe there are more instances of the abridgment
djweis () sjdjweis com   of the freedom of the people by gradual and silent
                      encroachments of those in power than by violent 
                      and sudden usurpations."- James Madison

Current thread:

Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Wang Yun (Feb 09)
- Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Dave Weis (Feb 10)
  - Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Peter J. Holzer (Feb 12)
    - Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Oliver Schneider (Feb 12)
    - Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") André Malo (Feb 13)
    - RE: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Alun Jones (Feb 13)
    - RE: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") J. (Feb 17)
    - RE: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Alun Jones (Feb 17)
    - Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Peter J. Holzer (Feb 19)
    - Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Axel Beckert - ecos gmbh (Feb 16)
- Re: Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access The Forbidden Directory ("/WEB-INF/") Bill Stoddard (Feb 13)