Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
The father of all bombs - another webdav fiasco Jun 01 2009 08:46PM
Kingcope (kcope2 googlemail com)
Apache mod_dav / svn Remote Denial of Service Exploit

Google Dorks:
inurl:svn inurl:trunk
"powered by subversion version"

Information on the bug (XML Bomb):
http://blog.didierstevens.com/2008/09/23/dismantling-an-xml-bomb/

Enjoy!

------------------------------------------------------------------...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus