Problem fixed. Thanks.
Vid Tue, 14 Jul 2015 kl. 18.05.17, skrev [email protected]: > Dear Sir / Madam , > > > This is* Mahender Singh* *Security Researcher* from *India*, > i have found bug that i would like to share with your security team, > this > bug is related server file discloser, i have explain deeply as > follows, > > *Vulnerability* : GIT Config > > *Vulnerable link *: www.openssl.org > > *Payload =* .git/config > > *then final url *= http://www.openssl.org/.git/config > > > I have Attached POC as follow > > > *Refer URL* > > http://blogs.msdn.com/b/bharry/archive/2014/12/18/git-vulnerability- > with-git-config.aspx > > https://blog.netspi.com/dumping-git-data-from-misconfigured-web- > servers/ > > https://www.owasp.org/index.php/Top_10_2013-A5 > > > I have given enough details of Vulnerability if you need anything else > you > can contact me at my mail id mahendersingh2706@gmail > <[email protected]>.com > > Hope you will patch this as soon as. > > Thank You > > Regarding > *Mahender Singh* > *Cyber Security Researcher* -- Richard Levitte [email protected] _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
