Please confirm Information disclosure
Ethan Blanton
elb at pidgin.im
Wed Mar 1 09:22:27 EST 2017
Frank Vickers wrote:
> Not sure if this blog is related as well but it provides a lot of information disclosure errors
>
> http://pidgin.im/~seanegan/blog/
This blog is broken and should be fixed or retired. It may be a
potential problem.
> Also
> https://pidgin.im/shared/img/
>
> provides possible backdoor vulnerabilities. Please confirm.
This, I completely do not understand. What is your concern here?
That auto-indexing is enabled for this directory containing nothing
but static, public content linked elsewhere on the site? Please
clarify your concern.
Ethan
More information about the security
mailing list