Bugtraq mailing list archives
Re: Enumerate Root Web Server Directory Vulnerability for IIS 4.0
From: ollie () DELPHISPLC COM (Ollie Whitehouse)
Date: Mon, 13 Mar 2000 14:30:57 -0000
All,

A way to stop these types of attacks when enumeration of a file path on an IIS box occurs is to replace the errors with non-default error pages.

Rgds

Ollie

<%
Ollie Whitehouse
Delphis Consulting
VOX: +44 (0)207 916 0200 (Switchboard)
FAX: +44 (0)207 916 1590 (Main)
FAX: +44 (0)870 0881837 (FAX - E-Mail)
PGP: http://www.ombs.demon.co.uk/pgp.txt
Tag: Who needs Windows2000 when you have OS/2?
%>

-----Original Message-----
From: Jason Lutz [mailto:jason () SPIS NET]
Sent: 09 March 2000 15:32
To: BUGTRAQ () SECURITYFOCUS COM
Subject: Enumerate Root Web Server Directory Vulnerability for IIS 4.0

BugTraq,

I was recently auditing the security on one of my web servers when I came across a new Extension Enumerate Root Web Server Directory Vulnerability for IIS 4.0. Going to the main website and asking for anything.idq I get the page cannot be found. But if the files for the web server reside on a share the full network path is found.

The Exploit:

On the shared network drive, http://server/anything.idq

The file \\share\wwwroot\inetpub\webpage\*.idq is on a network share. IDQ, IDA and HTX files cannot be placed on a network share.

Tested on Windows NT 4.0 Service Pack 5 and 6a

I would like to say thank you to rain.forest.puppy. for all of his help. props out to ADM, Wiretrip, w00w00 and l0pht.

Jason Lutz
Sprint Print Inc
jason () spis net
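Added example, not part of either message above: a check an administrator could run over the error bodies their own servers return, to confirm that custom error pages no longer echo a server-side path. It goes beyond the UNC case in the report by also flagging drive-letter paths; the function names, the hosts server2 and server3, and their sample bodies are assumptions made for illustration.

```python
import re

# Path segment: anything except separators, whitespace and characters that
# cannot appear in a Windows file name ('*' is allowed because the error text
# quoted in the report echoes a wildcard).
_SEG = r'[^\\/:?"<>|\s]+'
_LEAK = re.compile(
    r'\\\\[^\\/:*?"<>|\s]+(?:\\' + _SEG + r')+'          # UNC: \\host\share\...
    r'|\b[A-Za-z]:\\' + _SEG + r'(?:\\' + _SEG + r')*'   # local: C:\dir\...
)

# Constructed sample bodies. The first reuses the error text quoted in the
# original report; the other two are hypothetical.
SAMPLES = {
    "http://server/anything.idq": (
        "The file \\\\share\\wwwroot\\inetpub\\webpage\\*.idq is on a network share. "
        "IDQ, IDA and HTX files cannot be placed on a network share."
    ),
    "http://server2/anything.idq": "<html><body>The page cannot be found.</body></html>",
    "http://server3/anything.idq": "<p>Cannot open D:\\sites\\intranet\\anything.idq.</p>",
}


def find_path_leaks(body):
    """Return server-side Windows paths echoed in an HTTP response body."""
    # Trailing sentence punctuation is not part of the path.
    return [m.group(0).rstrip('.,;)') for m in _LEAK.finditer(body)]


def audit(responses):
    """Map each URL to the paths its body discloses; clean URLs are omitted."""
    report = {}
    for url, body in responses.items():
        leaks = find_path_leaks(body)
        if leaks:
            report[url] = leaks
    return report


if __name__ == "__main__":
    for url, leaks in audit(SAMPLES).items():
        print(url, "discloses", leaks)
```
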