[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path DirectoryListing Exploit (fwd)

Subject: Re: [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path DirectoryListing Exploit (fwd)
From: "Carrie Bartkowiak" <ravencarrie@xxxxxxxx>
Date: Wed, 13 Jun 2001 18:02:01 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Seems pretty simple to me... turn off Indexes!
You should be doing that anyway.  The blank index.html thrown into a
directory is a lame cheat and a *lot* more work than just disabling
Indexes and being done with it.

CarrieB

References:
- [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit (fwd)
  - From: ProServe - Peter Batenburg

Prev by Date: Re: [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit (fwd)
Next by Date: Re: [cobalt-security] profile of a bind worm
Previous by thread: Re: [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path Directory Listing Exploit (fwd)
Next by thread: [cobalt-security] Security Plan

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index