Here's Martin's response to my question about what Apache versions have that hole: ------- Forwarded Message Date: Tue, 13 Mar 2001 09:51:52 +0100 From: Martin Kraemer <[EMAIL PROTECTED]> Subject: Re: [ANNOUNCE] Apache 1.3.19 Released Message-ID: <[EMAIL PROTECTED]> On Mon, Mar 12, 2001 at 06:40:04PM -0800, Dan Harkless wrote: > What versions of Apache are susceptible to that "very long path" directory > listing disclosure bug? All previous versions, or...? Yes, unfortunately. This bug probably was already in 1.2.x. Martin - -- <[EMAIL PROTECTED]> | Fujitsu Siemens Fon: +49-89-636-46021, FAX: +49-89-636-41143 | 81730 Munich, Germany ------- End of Forwarded Message ---------------------------------------------------------------------- Dan Harkless | To prevent SPAM contamination, please [EMAIL PROTECTED] | do not mention this private email SpeedGate Communications, Inc. | address in Usenet posts. Thank you.
