Open Bug 795323 Opened 12 years ago Updated 10 years ago

directory listing in http://planet.mozilla.org

Categories

(Websites :: planet.mozilla.org, defect)

Product:
Websites
Component:
planet.mozilla.org
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

(Not tracked)

People

(Reporter: shashankcyberboy, Assigned: reed)

Details

(Keywords: sec-low, wsec-disclosure)

Attachments

(1 file)

directory listing
116.04 KB, image/png
Details
Attached image directory listing 
certain directories of http://planet.mozilla.org/ are having directory listing vulnerabilities. The urls of them are 

1. http://planet.mozilla.org/img/  
2. http://planet.mozilla.org/projects/img/
please add an index page in order to fiix directory listing
Assignee: server-ops-devservices → server-ops-webops
Component: CVS: Administration → Server Operations: Web Operations
QA Contact: shyam → cshields
Assignee: server-ops-webops → nobody
Component: Server Operations: Web Operations → planet.mozilla.org
OS: Windows 7 → All
Product: mozilla.org → Websites
QA Contact: cshields
Hardware: x86 → All
This is not a security vulnerability.
is directory listing not counted in vulnerablities ??? or only critical directory listing ???(In reply to Reed Loden [:reed] from comment #2)
> This is not a security vulnerability.
It depends - it can be a security risk if the directory is critical / contains sensitive files. In this case, it's merely the image folders for the site. Not a big risk.
Assignee: nobody → reed
Severity: normal → minor
Status: UNCONFIRMED → NEW
Ever confirmed: true
then plz chek my another bug ... bug id 795639  there is sensitive directory listing 
(In reply to Matt Fuller :mfuller from comment #4)
> It depends - it can be a security risk if the directory is critical /
> contains sensitive files. In this case, it's merely the image folders for
> the site. Not a big risk.
well am i going to get bounty for it ???
replys plzz???????????????????????????????????????????/
Flags: sec-bounty?
what do u mean ??? :/
(In reply to shashank from comment #8)
> what do u mean ??? :/

Please stop spamming the bug, issues are handled based on the priority of the issue. This issue is a low and as such is not eligible for a bounty. Planet is a blog platform and contains no sensitive information.

The other bug is both a duplicate of an existing issue and a low, and thus also not eligible for a bounty.
Flags: sec-bounty? → sec-bounty-
Keywords: sec-low, wsec-disclosure
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: