[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path DirectoryListing Exploit (fwd)

Subject: RE: [cobalt-security] Bugtraq ID 2503 : Apache Artificially Long Slash Path DirectoryListing Exploit (fwd)
From: M.C.Hudson@xxxxxxxxxx
Date: Fri, 15 Jun 2001 12:51:21 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> -----Original Message-----
> From: Carrie Bartkowiak [mailto:ravencarrie@xxxxxxxx]
> Sent: Wednesday, June 13, 2001 11:02 PM
> To: cobalt-security
> Subject: Re: [cobalt-security] Bugtraq ID 2503 : Apache Artificially
> Long Slash Path DirectoryListing Exploit (fwd)
> 
> 
> Seems pretty simple to me... turn off Indexes!
> You should be doing that anyway.  The blank index.html thrown into a
> directory is a lame cheat and a *lot* more work than just disabling
> Indexes and being done with it.
>

Prev by Date: RE: [cobalt-security] fpipe - interesting security experiment
Next by Date: [cobalt-security] A hacker at work
Previous by thread: Re: [cobalt-security] running named -u named
Next by thread: [cobalt-security] A hacker at work

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index