[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path DirectoryListing Exploit (fwd)
- Subject: RE: [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path DirectoryListing Exploit (fwd)
- From: M.C.Hudson@xxxxxxxxxx
- Date: Fri, 15 Jun 2001 12:51:21 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> -----Original Message-----
> From: Carrie Bartkowiak [mailto:ravencarrie@xxxxxxxx]
> Sent: Wednesday, June 13, 2001 11:02 PM
> To: cobalt-security
> Subject: Re: [cobalt-security] Bugtraq ID 2503 : Apache Artificially
> Long Slash Path DirectoryListing Exploit (fwd)
>
>
> Seems pretty simple to me... turn off Indexes!
> You should be doing that anyway. The blank index.html thrown into a
> directory is a lame cheat and a *lot* more work than just disabling
> Indexes and being done with it.
>