Open Bug 795323 Opened 12 years ago Updated 8 months ago

directory listing in http://planet.mozilla.org

Categories

(Websites :: planet.mozilla.org, defect)

defect
Not set
minor

Tracking

(Not tracked)

People

(Reporter: shashankcyberboy, Assigned: reed)

Details

(Keywords: reporter-external, sec-low, wsec-disclosure)

Attachments

(1 file)

Attached image directory listing
certain directories of http://planet.mozilla.org/ are having directory listing vulnerabilities. The urls of them are 1. http://planet.mozilla.org/img/ 2. http://planet.mozilla.org/projects/img/
please add an index page in order to fiix directory listing
Assignee: server-ops-devservices → server-ops-webops
Component: CVS: Administration → Server Operations: Web Operations
QA Contact: shyam → cshields
Assignee: server-ops-webops → nobody
Component: Server Operations: Web Operations → planet.mozilla.org
OS: Windows 7 → All
Product: mozilla.org → Websites
QA Contact: cshields
Hardware: x86 → All
This is not a security vulnerability.
is directory listing not counted in vulnerablities ??? or only critical directory listing ???(In reply to Reed Loden [:reed] from comment #2) > This is not a security vulnerability.
It depends - it can be a security risk if the directory is critical / contains sensitive files. In this case, it's merely the image folders for the site. Not a big risk.
Assignee: nobody → reed
Severity: normal → minor
Status: UNCONFIRMED → NEW
Ever confirmed: true
then plz chek my another bug ... bug id 795639 there is sensitive directory listing (In reply to Matt Fuller :mfuller from comment #4) > It depends - it can be a security risk if the directory is critical / > contains sensitive files. In this case, it's merely the image folders for > the site. Not a big risk.
well am i going to get bounty for it ???
replys plzz???????????????????????????????????????????/
Flags: sec-bounty?
what do u mean ??? :/
(In reply to shashank from comment #8) > what do u mean ??? :/ Please stop spamming the bug, issues are handled based on the priority of the issue. This issue is a low and as such is not eligible for a bounty. Planet is a blog platform and contains no sensitive information. The other bug is both a duplicate of an existing issue and a low, and thus also not eligible for a bounty.
Flags: sec-bounty? → sec-bounty-
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: