Bugtraq: Re: Insecure XML-RPC handling in Zope reveals the distribution physic al location.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Insecure XML-RPC handling in Zope reveals the distribution physic al location.

From: BlueRaven <blueraven () libero it>
Date: Mon, 7 Oct 2002 10:26:37 +0200

On Tue, Oct 01, 2002 at 09:57:27AM -0400, Rossen Raykov wrote:

A request like the quoted below will cause Zope to produce stack traces in
the response that will reveal the information mentioned above.


The same is if you try to access the manage interface and, after a failed
login, click Cancel: the stack trace includes the full path infos.
Verified on a 2.5.1 (stable) installation.

-- 
BlueRaven

There are only 10 types of people in this world...
those who understand binary, and those who don't.

By Date By Thread

Current thread:

Insecure XML-RPC handling in Zope reveals the distribution physic al location. Rossen Raykov (Oct 01)
- Re: Insecure XML-RPC handling in Zope reveals the distribution physic al location. BlueRaven (Oct 07)