I don't think that is a vulnerability.
The file /etc/master.passwd has read access for all users. Monitor can also
read it in a ssh session.
I you try that URL in a file with, let's say, 660 permissions you get a
blank page.
Regards
Jorge
-----Mensaje original-----
De: Jonas Eriksson [mailto:je (at) . (dot) . [email concealed]
The file /etc/master.passwd has read access for all users. Monitor can also
read it in a ssh session.
I you try that URL in a file with, let's say, 660 permissions you get a
blank page.
Regards
Jorge
-----Mensaje original-----
De: Jonas Eriksson [mailto:je (at) . (dot) . [email concealed]
[ more ]