another security hole

To: security@debian.org
Cc: debian-devel@lists.debian.org
Subject: another security hole
From: Grzegorz Stelmaszek <greg@tenet.pl>
Date: Sun, 11 Jul 1999 13:23:32 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.10.9907111320310.15360-100000@main.tenet.pl>

hi,

all of you from debian are funny men, but what could i do ;< ?
I'd sent this report to security but i see no reaction, so once again:
I'd found a bug allowing remote users to list any directory in the os,
when it uses cgi-scripts package.

Bug report was sent 26 days ago, and up to this time, noone anwered to it.

     * #39395: cgi-scripts: bug in nph-test-cgi allowing directory

Regards,
	Greg

PS.
  Don't answer that directory listing is not important for hackerz

*************************************************************************** 
* Grzegorz Stelmaszek        *          For my public PGP key:
* mailto:greg@tenet.pl       *           finger:greg@tenet.pl
* http://www.tenet.pl        *         18 E9 5E 6D 78 F0 11 F2
******************************         45 CF CF 63 77 C0 A4 20
           >>> Microsoft Certified Professional <<<

Reply to:

Follow-Ups:
- Re: another security hole
  - From: Josip Rodin <jrodin@public.srce.hr>

Prev by Date: Re: ITP: libcgi-pm-perl
Next by Date: Re: Request: Ticker-2-Mail
Previous by thread: Re: bugs on -devel?
Next by thread: Re: another security hole
Index(es):
- Date
- Thread