|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: (no subject)
From: Chris A. Mattingly (chris.mattingly
INTERPATH.NET)Date: Wed Jul 05 2000 - 13:40:40 CDT
- Next message: Bluefish: "Re: default password list (BIOS Master Passwords)"
- Previous message: OutCasT: "Re: BitchX /ignore bug"
- In reply to: The Incubus: "(no subject)"
- Next in thread: 3APA3A: "(no subject)"
- Reply: Chris A. Mattingly: "(no subject)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The Incubus wrote:
>
> Hi there,
>
> probably this is already known, but I've noticed that a default install of
> Apache on a RedHat linux server can give you valid logins... I did check
> the apache and redhat websites for this misconfiguration, but didn't find
> anything... I also checked securityfocus and such, and didn't find anything
> either...
>
> When we do www.redhatserver.com/~validlogin we get a 403, when we try with
> another login (which is not valid) we get a 404.
On my FreeBSD/apache configuration I get a 404 whether the user
exists or not (unless said user has a directory matching the
UserDir configuration)
Dunno whether this points to a linux/apache issue or a configuration
issue though.
Just my $0.02. :)
-Chris
- text/x-vcard attachment: Card for Chris A. Mattingly
- application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature
- Next message: Bluefish: "Re: default password list (BIOS Master Passwords)"
- Previous message: OutCasT: "Re: BitchX /ignore bug"
- In reply to: The Incubus: "(no subject)"
- Next in thread: 3APA3A: "(no subject)"
- Reply: Chris A. Mattingly: "(no subject)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]