On Sun, Sep 23, 2001 at 10:36:33AM -0400, Paul Everitt wrote:
>
> Do others consider this a vulnerability? While it reveals more
> information than people might want, I'm curious about scenarios under
> which it could be exploited.
>
> If any of you know of something *specific*, meaning it's a genuinely
> exploitable vulnerability, please email me or Brian Lloyd
> ([EMAIL PROTECTED]) directly, rather than explain to the world how to do it.
> ...
> ...
> > Bobo-Exception-File: /usr/local/base/Zope-2.3.2-modified/lib/python/OFS/Property
Think about social engeniering.
Knowing this sort of things, while this is not a vulnerability in itself,
allows everybody to remotely know were Data.fs is.
bye,
Jerome Alet
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
