Closed Bug 1297937 Opened 9 years ago Closed 9 years ago

unauthorized access

Categories

(Websites :: Other, defect)

Product:
Websites
Component:
Other
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: jim_eden, Unassigned)

References

(
URL
)

Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 Steps to reproduce: Randomly, http://50.112.169.109/ Actual results: Able to view non-public stored files Expected results: Put it behind firewall
URL: http://50.112.169.109/
Group: websites-security
Jim: thanks for reporting this, however, the contents appear public in nature at first glance. Is there something that you've found on their that you believe is non-public/sensitive. Something to keep in mind is that Mozilla operates a number of open-source projects, so often times we'll be hosting access to repositories and binary downloads for users/systems to access our content. Again, if you feel there are specifics we should be concerned about, please call those out specifically and we'll take a deeper look. Thanks!
Jim, it's an end pointwhere our CDN is is accessible This is the same data you'll find at https://ftp.mozilla.org/ Thanks for your report. Marking invalid
Group: websites-security
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.