Major Security Holes [Archive] - VoIP Forums, Internet Phone Service Forums, & Web Hosting Forums

View Full Version : Major Security Holes

jasont

09-24-2001, 09:16 PM

I found that the following directories are visible to anyone
http://mail.yoururl.com
http://www.yoururl.com/cart
http://www.yoururl.com/openbb

also it doesnt seem possible to completely dissable
anonymous FTP access.

FIXES to above problems

http://www.yoururl.com/cart simply add a index.html sending
user back to your site
http://www.yoururl.com/openbb same as above

however for the mail.yoururl.com there doesnt seem to
be an immediate solution, as it wont process html files

Does anyone know how to FIX THIS ???

Darin

09-24-2001, 09:20 PM

You could just CHMOD those folders, so they won't be visible to the public. I wouldn't consider them major security holes. :rolleyes:

jasont

09-24-2001, 09:28 PM

Originally posted by Darin
You could just CHMOD those folders, so they won't be visible to the public. I wouldn't consider them major security holes. :rolleyes:

the mail.yoururl.com is CHMOD'd but
its still viewable to the public
its set at 770

Darin

09-24-2001, 09:30 PM

701 stops anyone from seeing them.

jasont

09-24-2001, 09:32 PM

nope doesnt work

http://mail.yoururl.com
still shows the directory contents