On Fri, 26 Oct 2001, Sandeep Hulsandra wrote: > I just read the BugTraq solution page to the "ht://dig Arbitrary File > Inclusion Vulnerability". > > So is the htdig-3.1.5 at - http://www.htdig.org/files/htdig-3.1.5.tar.gz
The BugTraq post and the resulting SecurityFocus database entry say explicitly that 3.1.5 and before are vulnerable and 3.1.6 and newer are not. Since 3.1.6 has not been released yet, you can get a pre-release snapshot at: <http://www.htdig.org/files/snapshots/> -- -Geoff Hutchison Williams Students Online http://wso.williams.edu/ _______________________________________________ htdig-general mailing list <[EMAIL PROTECTED]> To unsubscribe, send a message to <[EMAIL PROTECTED]> with a subject of unsubscribe FAQ: http://htdig.sourceforge.net/FAQ.html
