Re: IBM HTTP Server

[H D Moore <hdm () secureaustin com>]

Yes, that version is vulnerable to at least the directory indexing bug.  I 
have encountered the same setup in the field and successfully used the 
vulnerability to get a listing of files in the web root and subdirectories.  
Attached is the script I used, its pretty rough but does the trick. The 
actual securityfocus bid is 1284.  The "exploit" of mine they have listed on 
that BID has a typo and I have been ignored everytime I tried to post a fixed 
version.  I guess Elias was too busy rejecting all the crap that people post 
to bugtraq ;) AFAIK, IBM hasn't release a fix, and the Apache folks fixed it 
a long time ago but still consider thier Win32 version on-production quality.


-HD





On Wednesday 13 June 2001 12:12 pm, Paul Rogers wrote:
> One of our client's are utilising IBM's HTTP server and Websphere to host
> their website and web applications. The IBM HTTP server utilises Apache to
> serve web content to users (the version in question is 1.3.12 for Win32).
> My query is related to the vulnerabilities associated with the Win32
> version of the Apache webserver. Can the vulnerabilites associated with
> 1.3.12 Win32 version of Apache be used on an IBM HTTP server; or have IBM
> modified the Apache source in anyway to protect against these issues?
>
> Just a thought since there don't seem to be any upgrades to later versions
> of Apache Win32 from IBM as yet, although version 1.3.14 is planned for the
> next release.

Attachment: http-offset.pl
Description: