Open
Bug 795323
Opened 12 years ago
Updated 10 years ago
directory listing in http://planet.mozilla.org
Categories
(Websites :: planet.mozilla.org, defect)
Websites
planet.mozilla.org
Tracking
(Not tracked)
NEW
People
(Reporter: shashankcyberboy, Assigned: reed)
Details
(Keywords: sec-low, wsec-disclosure)
Attachments
(1 file)
116.04 KB,
image/png
|
Details |
certain directories of http://planet.mozilla.org/ are having directory listing vulnerabilities. The urls of them are 1. http://planet.mozilla.org/img/ 2. http://planet.mozilla.org/projects/img/
please add an index page in order to fiix directory listing
Updated•12 years ago
|
Assignee: server-ops-devservices → server-ops-webops
Component: CVS: Administration → Server Operations: Web Operations
QA Contact: shyam → cshields
Assignee | ||
Updated•12 years ago
|
Assignee: server-ops-webops → nobody
Component: Server Operations: Web Operations → planet.mozilla.org
OS: Windows 7 → All
Product: mozilla.org → Websites
QA Contact: cshields
Hardware: x86 → All
Assignee | ||
Comment 2•12 years ago
|
||
This is not a security vulnerability.
is directory listing not counted in vulnerablities ??? or only critical directory listing ???(In reply to Reed Loden [:reed] from comment #2) > This is not a security vulnerability.
Comment 4•12 years ago
|
||
It depends - it can be a security risk if the directory is critical / contains sensitive files. In this case, it's merely the image folders for the site. Not a big risk.
Assignee | ||
Updated•12 years ago
|
Assignee: nobody → reed
Severity: normal → minor
Status: UNCONFIRMED → NEW
Ever confirmed: true
then plz chek my another bug ... bug id 795639 there is sensitive directory listing (In reply to Matt Fuller :mfuller from comment #4) > It depends - it can be a security risk if the directory is critical / > contains sensitive files. In this case, it's merely the image folders for > the site. Not a big risk.
Assignee | ||
Updated•11 years ago
|
Flags: sec-bounty?
(In reply to shashank from comment #8) > what do u mean ??? :/ Please stop spamming the bug, issues are handled based on the priority of the issue. This issue is a low and as such is not eligible for a bounty. Planet is a blog platform and contains no sensitive information. The other bug is both a duplicate of an existing issue and a low, and thus also not eligible for a bounty.
Flags: sec-bounty? → sec-bounty-
Keywords: sec-low,
wsec-disclosure
You need to log in
before you can comment on or make changes to this bug.
Description
•