Your message dated Mon, 16 Aug 1999 22:09:19 +0200 with message-id <[EMAIL PROTECTED]> and subject line [EMAIL PROTECTED]: cgi-scripts_1.0.10_i386.changes INSTALLED] has caused the attached bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I'm talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Ian Jackson (administrator, Debian bugs database) Received: (at submit) by bugs.debian.org; 12 Jun 1999 16:20:07 +0000 Received: (qmail 25752 invoked from network); 12 Jun 1999 16:20:07 -0000 Received: from main.lighting.ml.org (HELO lighting.ml.org) (195.205.44.70) by master.debian.org with SMTP; 12 Jun 1999 16:20:07 -0000 Received: (qmail 16108 invoked by uid 1000); 12 Jun 1999 16:19:39 -0000 Date: 12 Jun 1999 16:19:39 -0000 Message-ID: <[EMAIL PROTECTED]> From: [EMAIL PROTECTED] Subject: cgi-scripts: bug in nph-test-cgi allowing directory listing To: [EMAIL PROTECTED] X-Mailer: bug 3.1.7 Package: cgi-scripts Version: 1.0.9 Hi, try doing the following: lynx http://host_name/cgi-bin/nph-test-cgi?* this will show directory listing, and allow intruder to check how to attack machine This is very old bug, so i don't know why it isn't already fixed, but ... ;-) -- System Information Debian Release: 2.1 Kernel Version: Linux main 2.2.7 #4 SMP Sun May 30 12:56:57 CEST 1999 i586 unknown Versions of the packages cgi-scripts depends on: ii libc6 2.0.7.19981211 GNU C Library: shared libraries
