You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "Gonyou, Austin" <au...@coremetrics.com> on 2001/06/14 00:22:56 UTC
RE: Bugtraq ID 2503 : Apache Artificially Long Slash Path Direct
oryListing Exploit (fwd)
Apache on w2k?
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-796-9023
email: austin@coremetrics.com
> -----Original Message-----
> From: Jerry Baker [mailto:jerrybaker@weirdness.com]
> Sent: Wednesday, June 13, 2001 5:22 PM
> To: new-httpd@apache.org
> Subject: Re: Bugtraq ID 2503 : Apache Artificially Long Slash Path
> DirectoryListing Exploit (fwd)
>
>
> I tried it with up to 300 "/"'s on Win2k without success.
>
> --
> Jerry Baker
>
> "The only normal people are the ones you don't know very well." - Joe
> Ancis
>
> PGP Key:
> http://keyserver.pgp.com:80/pks/lookup?op=get&exact=off&search
> =0xD4B2493F
> LAME Binaries: http://jerbaker.dhs.org/lame
>
Re: Bugtraq ID 2503 : Apache Artificially Long Slash Path
DirectoryListing Exploit (fwd)
Posted by Jerry Baker <je...@weirdness.com>.
"Gonyou, Austin" wrote:
>
> Apache on w2k?
>
> --
> Austin Gonyou
> Systems Architect, CCNA
> Coremetrics, Inc.
> Phone: 512-796-9023
> email: austin@coremetrics.com
>
> > -----Original Message-----
> > From: Jerry Baker [mailto:jerrybaker@weirdness.com]
> > Sent: Wednesday, June 13, 2001 5:22 PM
> > To: new-httpd@apache.org
> > Subject: Re: Bugtraq ID 2503 : Apache Artificially Long Slash Path
> > DirectoryListing Exploit (fwd)
> >
> >
> > I tried it with up to 300 "/"'s on Win2k without success.
> >
> > --
> > Jerry Baker
Apache from CVS yesterday.
--
Jerry Baker
"The only normal people are the ones you don't know very well." - Joe
Ancis
PGP Key:
http://keyserver.pgp.com:80/pks/lookup?op=get&exact=off&search=0xD4B2493F
LAME Binaries: http://jerbaker.dhs.org/lame