Hi,
Thu, 20 May 2010 14:51:30 -0700, Micah Cowan <[email protected]> :
> Hm... a problem with this is that it also applies to the case when
> someone is recursively-fetching, and the remote server is (even
> accidentally) misconfigured to include .htaccess in auto-generated
> indexes (and to allow public reading of that file). No obvious way to
> avoid that situation that I can think of... might be worth documenting
> somewhere.
Is there going to be a development in this issue?
I am the Pardus GNU/Linux maintainer of wget and the security team has a
open security bug for this advisory.
Doruk
--
FISEK INSTITUTE - http://www.fisek.org.tr
