an 'Access Denied' problem? Check the appropriate logs first!
-Original Message-
From: Kevin Matthew [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 19, 2000 10:59 AM
To: [EMAIL PROTECTED]
Subject: Re: IIS still revealing paths for web directories
Hello,
There'
Hello,
There's another glitch when you have a password protected
webdirectory with IIS5 and sending the http://www.iisServer.blah/blah.ida
When the root folder on that website is password protected you do not get
asked to authenticate but you just receive the error like other
postings. Di
> To solve this problem check in the properties of the web server
> the option "Check that file exists", in
> Home Directory/Application Settings/Configuration/App Mappings in
> the Edit Window of the .ida and .idq extensions.
> Both extensions are interpreted by idq.dll.
Unfortunately, if you a
BTW, different error messages are given depending on whether or not the path
up to the idq file exists. In my brief testing:
http://www.example.com/exists/bah.ida
yields
The IDQ file C:\Inetpub\wwwroot\exists\bah.ida could not be found.
http://www.example.com/doesntexist/bah.ida
yields
File C
Please filter this if outdated.
I couldn't find anything about CERN httpd 3.0 revealing paths in
the archives.
http://www.victim.com/cgi-bin/ls
results in:
Bad script request -- neither '/usr/local/etc/ls' nor '/usr/local/etc/ls.pp' is
executable
http://www.victim.com/cgi-bin/cat
results in:
B
here's the low-down.
1) if you don't use ida or idq files then nuke the mappings in iis.
2) if you do use them, then make sure the "Check file exists" option is
checked
3) we are working on a fix and doing 'due-diligence' to make sure
there's nothing similar or regressions
4) we'll post the fix o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> -Original Message-
> From: Chris Tobkin [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 12, 2000 2:08 PM
>
> > The same problem still exists on IIS4 (tested with SP5 -
> didn't try on
> > SP6).
>
> Still exists as far back as IIS3 also
If you go to "Preferences -> Home directory -> Application", and select
"Check if file exists" for the various IISAPI mappings your server has
(in this case .ida) then the error should be corrected.
You should at the same time remove any IISAPI mappings you do not want
your users to be able to use
-BEGIN PGP SIGNED MESSAGE-
>
>http://www.microsoft.com/%3CIMG%20SRC=javascript:alert(%34window.location:%34%43window.location)%3E.ida
I tested the following on Netscape Lite 4.51/Export, 01-Mar-99 for
Linux:
http://www.microsoft.com/%3CIMG%20SRC=%22javascript:alert('window.location='%2
Hello out there,
At 11:10 13.01.00 , Georgi Guninski wrote:
>This leads to a client side problem also.
>The problem is IIS does not escape the response, so one may put some
>HTML and javascript in the page returned from www.microsoft.com.
>Vulnerabilities:
>1) For IE (tested on 5.01, probably oth
ero
[EMAIL PROTECTED]
HispaSec
http://www.hispasec.com
- Original Message -
From: Chris Tobkin <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: miércoles 12 de enero de 2000 21:07
Subject: Re: [BUGTRAQ] IIS still revealing paths for web
directories
> > The same problem
IIS4 SP6a (on one of my servers) was found vulnerable.
URL Returned: "The IDQ file C:\Inetpub\wwwroot2\anything.ida could not
be found."
Anyone have tempfix ideas?
Rob Systhine <[EMAIL PROTECTED]>
IT/Ryno Innovate Company
"No respect for those who do not strive to master their arts."
[EMAIL PROTECTED] wrote:
>
> it would seem not to work on IIS4, SP6. I get http 500 - Internal Server
> Error.
Right.
I have just applied SP6a to the IIS 4 server (where I have reproduced
this first). The problem still exists. Only SP3/SP5/SP6a (in that
order) have been applied - no hotfixes a
it would seem not to work on IIS4, SP6. I get http 500 - Internal Server
Error.
-Original Message-
From: Vanja Hrustic [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 10, 2000 2:43 PM
To: [EMAIL PROTECTED]
Subject: IIS still revealing paths for web directories
This has been mentioned
Georgi Guninski wrote:
>
> For Communicator:
>
>http://www.microsoft.com/%3CIMG%20SRC=javascript:alert("window.location:"+window.location)%3E.ida
This link comes out as:
http://www.microsoft.com/%3CIMG%20SRC=javascript:alert(
presumably because the quotes need to be % encoded as well.
http://
In my opinion this is a big deal. Forgot the RDS exploit found by Greg
Gonzalez?
In the past months a great deal of webpages have been defaced. A majority of
them were hosted on IIS4 servers.
r.f.p. wrote an exploit I think was called msadc.pl. What this exploit did
was letting you into a cmd /c
Vanja Hrustic wrote:
>
> This has been mentioned before, but it's probably good to remind
> Microsoft about some outstanding issues.
>
> Request : http://www.microsoft.com/anything.ida
> Response: The IDQ file d:\http\anything.ida could not be found.
>
> Request : http://www.microsoft.com/anything
This has been mentioned before, but it's probably good to remind
Microsoft about some outstanding issues.
Request : http://www.microsoft.com/anything.ida
Response: The IDQ file d:\http\anything.ida could not be found.
Request : http://www.microsoft.com/anything.idq
Response: The IDQ file d:\http