6 lines
No EOL
386 B
Text
6 lines
No EOL
386 B
Text
source: http://www.securityfocus.com/bid/1083/info
|
|
|
|
The default configuration of Cobalt Raq2 and Raq3 servers allows remote access to .htaccess files. This could lead to unauthorized retrieval of username and password information for restricted portions of a website hosted on the server.
|
|
|
|
Make a regular GET request, specifying an .htaccess file ie:
|
|
http ://target/path/.htaccess |