On Sun, Sep 23, 2001 at 10:36:33AM -0400, Paul Everitt wrote:
> 
> Do others consider this a vulnerability?  While it reveals more 
> information than people might want, I'm curious about scenarios under 
> which it could be exploited.
> 
> If any of you know of something *specific*, meaning it's a genuinely 
> exploitable vulnerability, please email me or Brian Lloyd 
> ([EMAIL PROTECTED]) directly, rather than explain to the world how to do it.
> ...
> ...
> > Bobo-Exception-File: /usr/local/base/Zope-2.3.2-modified/lib/python/OFS/Property

Think about social engeniering.
Knowing this sort of things, while this is not a vulnerability in itself,
allows everybody to remotely know were Data.fs is.

bye,

Jerome Alet


_______________________________________________
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to