On Sun, Sep 23, 2001 at 10:36:33AM -0400, Paul Everitt wrote:
> Do others consider this a vulnerability?  While it reveals more 
> information than people might want, I'm curious about scenarios under 
> which it could be exploited.
> If any of you know of something *specific*, meaning it's a genuinely 
> exploitable vulnerability, please email me or Brian Lloyd 
> ([EMAIL PROTECTED]) directly, rather than explain to the world how to do it.
> ...
> ...
> > Bobo-Exception-File: /usr/local/base/Zope-2.3.2-modified/lib/python/OFS/Property

Think about social engeniering.
Knowing this sort of things, while this is not a vulnerability in itself,
allows everybody to remotely know were Data.fs is.


Jerome Alet

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to