another security hole
hi,
all of you from debian are funny men, but what could i do ;< ?
I'd sent this report to security but i see no reaction, so once again:
I'd found a bug allowing remote users to list any directory in the os,
when it uses cgi-scripts package.
Bug report was sent 26 days ago, and up to this time, noone anwered to it.
* #39395: cgi-scripts: bug in nph-test-cgi allowing directory
Regards,
Greg
PS.
Don't answer that directory listing is not important for hackerz
***************************************************************************
* Grzegorz Stelmaszek * For my public PGP key:
* mailto:greg@tenet.pl * finger:greg@tenet.pl
* http://www.tenet.pl * 18 E9 5E 6D 78 F0 11 F2
****************************** 45 CF CF 63 77 C0 A4 20
>>> Microsoft Certified Professional <<<
Reply to: