[Zope-dev] vulnerability in stock Zope
seb bacon
seb@jamkit.com
Thu, 11 Jul 2002 15:34:43 +0100
Shane Hathaway wrote:
> seb bacon wrote:
>
>> Production sites running a stock Zope are vulnerable to abuse of their
>> server if they have not removed the 'Examples' folder. For example,
>> anyone could use http://notcarefulenough.com/Examples/FileLibrary as a
>> warez repository.
>
>
> Are you sure? I get an "Unauthorized" error (but not until I actually
> try to upload).
>
> Shane
I'm sure, I've tried it on a few sites.
Try this ;-)
http://new.zope.org/Examples/FileLibrary
seb