[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

another security hole


all of you from debian are funny men, but what could i do ;< ?
I'd sent this report to security but i see no reaction, so once again:
I'd found a bug allowing remote users to list any directory in the os,
when it uses cgi-scripts package.

Bug report was sent 26 days ago, and up to this time, noone anwered to it.

     * #39395: cgi-scripts: bug in nph-test-cgi allowing directory


  Don't answer that directory listing is not important for hackerz

* Grzegorz Stelmaszek        *          For my public PGP key:
* mailto:greg@tenet.pl       *           finger:greg@tenet.pl
* http://www.tenet.pl        *         18 E9 5E 6D 78 F0 11 F2
******************************         45 CF CF 63 77 C0 A4 20
           >>> Microsoft Certified Professional <<<

Reply to: