[pLog-svn] [Lifetype Vulnerability] Very Serious File Disclosure Problem (read passwords/config whatever you want)
Ammar Ibrahim
ammar.ibrahim at gmail.com
Wed Feb 14 03:35:33 EST 2007
Can we have more info about this Vulnerability? I want to check if our
servers are infected with it,
Ammar
On 2/13/07, Matt Wood <matt at woodzy.com> wrote:
> Dev List,
>
> There exists a very serious file disclosure vulnerability within the RSS engines that allows anyone to read the contents of files considered to be secure.
>
> I highly suggest that everyone turn off all RSS off at the moment.
>
> I also suppose you will want to let other people know, I don't really have the time to mess with the forums warning people.
>
> Oscar / Jon, I will contact you separately later tonight as this vulnerability compromises www.lifetype.net... and I don't really want our new server to get hosed.
>
> -Matt
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>
More information about the pLog-svn
mailing list