| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040721182412.M49950@embratel.net.br>
From: buick at microlink.com.br (Buick Sk)
Subject: Vulnerability in sourceforge.net
Hi,
> It's not a mis-configuration, this does not allow you to look at any
> secret file, only the files that the user nobody can read.
this not vulnerability.. only read system (capture for attack??)....
I sugestion for (others) administrator test/verify if missing configuration in
yours self... ;)
http://btmgr.sourceforge.net/index.php3?body=../../../../../../proc/{cpuinfo,version,...
/etc/passwd, /etc/{fs,mtab and etc.. information into site...
good /proc/uptime this machine ;)
Buick Sk
Powered by blists - more mailing lists