mailing list archives
Re: blogtorrent remote/local user password disclosure
From: trashtrash () free fr
Date: 14 Jul 2005 05:55:54 -0000
The proposed fix does not work.
How about placing a .htaccess with deny from all in the data and torrents directories ?
I'm not sure that there is a vulnerability. My version of blogtorrent (<0.92) has automatically created the .htaccess...