[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Advanced warning
- Subject: Re: [cobalt-security] Advanced warning
- From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
- Date: Mon, 25 Jun 2001 10:22:22 +0100 (BST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Mon, 25 Jun 2001, Carrie Bartkowiak wrote:
> > An exploit for the Apache hole "Artificially Long Slash Path
> Directory
> > Listing" is out in the public. I've archived it online at;
> > http://owned.lab6.com/~gossi/RaQ-security/exploits/apache2.pl
>
> You don't have permission to access
> /~gossi/RaQ-security/exploits/apache2.pl on this server.
Oh, bollocks. Apache is slightly, ahem, misconfigured on owned. I'll fix
it in a minute.