Re: Responsible Vulnerability Disclosure

To: Parshwa Bhavsar <parshwabhavsar2504@gmail.com>
Cc: debian-user@lists.debian.org
Subject: Re: Responsible Vulnerability Disclosure
From: Dan Ritter <dsr@randomstring.org>
Date: Mon, 10 Aug 2020 11:24:29 -0400
Message-id: <[🔎] 20200810152429.GR14725@randomstring.org>
In-reply-to: <[🔎] CAA7m4TwQWDa1icyo9sW_rRbQsYwk39k=nu5jPtNTwf6_hyz_HQ@mail.gmail.com>
References: <CAA7m4Tz0FJrgtrSeUn_pnfpv0hzTZ-FyQ-LT58XGFVC8pAduVw@mail.gmail.com> <[🔎] CAA7m4TwQWDa1icyo9sW_rRbQsYwk39k=nu5jPtNTwf6_hyz_HQ@mail.gmail.com>

Parshwa Bhavsar wrote: 
> Hello there,
> 
> Is there any update on this?
> 
> > Description :-
> >
> > A malicious user can have access to some admin data through this
> > vulnerability.
> > This vulnerability is also called "Directory Listening".
> >
> >
> > Vulnerable URL :-
> >
> > http://ftp.debian.org/debian/pool/main/n/nautilus-admin/

That's not an administrative system. That's software
distribution, for a package called "nautilus-admin".

There's no security impact here. 

-dsr-

Reply to:

References:
- Re: Responsible Vulnerability Disclosure
  - From: Parshwa Bhavsar <parshwabhavsar2504@gmail.com>

Prev by Date: Can't start Gimp in Bullseye
Next by Date: Re: Lenovo S205 boot
Previous by thread: Re: Responsible Vulnerability Disclosure
Next by thread: Can't start Gimp in Bullseye
Index(es):
- Date
- Thread