Re: ADSM NT Webshell Client
1997-08-21 12:27:08
Subject: |
Re: ADSM NT Webshell Client |
From: |
Dave Barber <dbarber AT FORD DOT COM> |
Date: |
Thu, 21 Aug 1997 12:27:08 -0400 |
A couple other issues with Webshell:
A window resize in some browsers will report the form data, and
execute the backup/restore _again_.
A security hole we found: since webshell is a simple httpd
it allows users to view any subdirectories of the defined mount
point of the server, which allowed us to view the dsm.opt file
which contained our password.
Both of these issues were found on webshell 2.1.6, and if there is a new
version they may not exist.
Regards,
David Barber
|
|
|