On Thu, Apr 24, 2003 at 01:32:50PM -0300, Jorge Merlino wrote:
> I don't think that is a vulnerability.
> The file /etc/master.passwd has read access for all users. Monitor can also
> read it in a ssh session.
> I you try that URL in a file with, let's say, 660 permissions you get a
> blank page.
> I don't think that is a vulnerability.
> The file /etc/master.passwd has read access for all users. Monitor can also
> read it in a ssh session.
> I you try that URL in a file with, let's say, 660 permissions you get a
> blank page.
U...
[ more ]