vulnerability report
SUDHANSHU RAUT
sudhanshuraut1 at gmail.com
Sun Feb 4 15:46:31 EST 2018
What's the status of my report?
On Oct 12, 2017 1:49 AM, "SUDHANSHU RAUT" <sudhanshuraut1 at gmail.com> wrote:
> # vulnerability name :- htaccess
>
> # vulnerability description :- this directory contains an .htaccess files
> that is readable. this may indicate a
> server misconfiguration. htaccess files are designed to be persed by web
> serer and should not be directly
> accessable. this file could contaion sensitive info that could help an
> attacker to conduct further attacks.
> its recomended to restrict access to this file.
>
>
> discovered by scripting(htaccess_File_Readable.script)
>
>
>
>
>
> # vulnerability url :- http://www.pidgin.im/~kstange/ .htaccess
>
>
> # how to reproduce this vulnerability :- goes directly to the url
> http://www.pidgin.im/~kstange/ .htaccess
>
>
> # POC :- refer to this screenshot mentioned below :-
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20180204/a9dbd8f2/attachment.html>
More information about the security
mailing list