[icecast] insecure html templates
alet at unice.fr
Mon Oct 8 14:28:55 UTC 2001
the default html templates for icecast 1.3.11 from Debian reveals
pathnames on the server, e.g. the directory from which static files are
streamed. Not sure if this is the case with the original version's
the templates causing problem are those accessible from list.cgi :
list.cgi is accessible even with web administration disabled, and by
default it shouldn't reveal servers paths IMHO.
PS: does somebody has a searchable or downloadable mail archive ?
Jerome Alet - alet at unice.fr - http://cortex.unice.fr/~jerome
Fac de Medecine de Nice http://wwwmed.unice.fr
Tel: (+33) 4 93 37 76 30 Fax: (+33) 4 93 53 15 15
28 Avenue de Valombrose - 06107 NICE Cedex 2 - FRANCE
--- >8 ----
List archives: http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
containing only the word 'unsubscribe' in the body. No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.
More information about the Icecast