mailing list archives
Re: Serv-U FTP-Server v2.4a showing real path
From: signal11 () MEDIAONE NET (Signal 11)
Date: Tue, 29 Feb 2000 22:36:48 -0600
Actually this is not a bug, but a nasty thing
if you request a wrong dir from Serv-U FTP-Server v2.4a, it will
return the full physical path of the disk.
Yes, but Apache does the same thing with various error conditions
too (atleast 1.3.6 does) unless you chroot it. It's not a serious
security bug.. not without an exploit to team up with it.
~ Signal 11