Security Advisory: Log File Path Predictability in dasBlog Community Edition
dasBlog stores log files in known subdirectories of the blog site, e.g. http://www.site.com/logs/2005-01-20.events.log or http://www.site.com/logs/2005-01-20.events.zip
With a default installation (as provided by the installation instructions) these files can be downloaded anonymously and can leak information about your site.
Workaround: remove read ACLs for IUSR_MACHINENAME, or remove anonymous and integrated authentication from the subdirectory in IIS.
Work in Progress
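To check whether the log files were fetched before the workaround was applied, the added example below (not part of the original advisory or of dasBlog) scans IIS W3C extended log lines for anonymous, successful requests to the dated file names described above. The sample log lines, the chosen fields and the function name are constructed for illustration.

```python
import re

# Dated dasBlog log names from the advisory, e.g. /logs/2005-01-20.events.log;
# the optional leading path allows for a blog hosted in a virtual directory.
LOG_PATH = re.compile(r"(^|/)logs/\d{4}-\d{2}-\d{2}\.events\.(log|zip)$", re.IGNORECASE)

# Constructed sample in W3C extended format (documentation IP ranges, not real traffic).
SAMPLE = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2005-01-21 03:12:44 192.0.2.10 - GET /logs/2005-01-20.events.log 200
2005-01-21 03:12:50 192.0.2.10 - GET /logs/2005-01-20.events.zip 200
2005-01-21 03:13:02 192.0.2.10 - GET /logs/2005-01-19.events.log 404
2005-01-21 09:00:11 198.51.100.7 SITE\\admin GET /logs/2005-01-20.events.log 200
2005-01-22 10:15:00 203.0.113.5 - GET /logs/2005-01-21.events.log 401
2005-01-22 10:16:00 203.0.113.5 - GET /default.aspx 200
""".splitlines()

def anonymous_log_downloads(lines):
    """Return (date, time, client_ip, uri) for anonymous fetches of dasBlog log files."""
    fields, hits = [], []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]   # column order is declared by the log itself
            continue
        if not line or line.startswith("#") or not fields:
            continue
        values = line.split()
        if len(values) != len(fields):
            continue                    # malformed or truncated record
        rec = dict(zip(fields, values))
        uri = rec.get("cs-uri-stem", "")
        status = rec.get("sc-status", "")
        anonymous = rec.get("cs-username", "-") == "-"   # "-" means no authenticated user
        served = status.startswith("2") or status == "304"
        if anonymous and served and LOG_PATH.search(uri):
            hits.append((rec.get("date"), rec.get("time"), rec.get("c-ip"), uri))
    return hits

if __name__ == "__main__":
    for hit in anonymous_log_downloads(SAMPLE):
        print(*hit)
```

Once the workaround is in place, the same requests should appear in the IIS log with a 401 or 403 status and no longer be reported.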
Sunday, March 06, 2005 8:34:28 AM UTC