[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] telnet on raq3 allows users to view source of other sites

Subject: [cobalt-users] telnet on raq3 allows users to view source of other sites
From: Luc Schiltz <becher@xxxxxx>
Date: Sat Feb 19 04:02:58 2000

hi,

why has anybody, who got telnet access, access to other sites e.g

I created a user called test with telnet access
this user test logs into the raq3 an can cd /home/sites/site14
do an ls -la of the web directory etc ...

is there any patch available for this ? as this presents a big security hole, e.g.
a user who is running php3 and connects to a mysql database, he got the login & passwd
of the mysql database stored in a file in the directory web ...

thanks


Luc

Follow-Ups:
- Re: [cobalt-users] telnet on raq3 allows users to view source of other sites
  - From: PowerClicks
- Re: [cobalt-users] telnet on raq3 allows users to view source of other sites
  - From: Steven Werby
- Re: [cobalt-users] telnet on raq3 allows users to view source of other sites
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-users] can someone tell me why I made this move???
Next by Date: [cobalt-users] How to build PKG files ?
Previous by thread: [cobalt-users] telnet on raq3 allows users to view source of other sites
Next by thread: Re: [cobalt-users] telnet on raq3 allows users to view source of other sites

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index