Vulnerability Development mailing list archives
RE: idq.dll problem??
From: "Jim Harrison (SPG)" <jmharr () microsoft com>
Date: Fri, 15 Mar 2002 08:17:16 -0800
I've repeated your tests on a system with all patches applied and all proper lockdowns applied as well and get nothing more than a 404 response. Do you still have the .IDA, .IDQ mappings in your website? * Jim Harrison MCP(NT4, 2K), A+, Network+ Never be afraid to try something new. Remember that amateurs built the Ark. Professionals built the Titanic. -----Original Message----- From: RWXLabs [mailto:rwxlabs () rwxsecurity com] Sent: Thursday, March 14, 2002 16:47 To: Brett Moore; vuln-dev Subject: Re: idq.dll problem?? Hi, All the test was carried through in system with all patches applied, however, it is enough to request the URL: www.server.com/null.ida?= So that the server presents the error, being that only caracter = (equal) this happens! Any ideas? Marcos Ferreira marcos () rwxsecurity com RWXSecurity - Segurança na Internet http://www.rwxsecurity.com Brett Moore wrote:
Made me think of the .ida bof testing that went on during the code red season. On A patched system. Results Sending 1-199 bytes yields the error: The IDQ file NULL.ida could not be found. Nothing written to the event log. Sending 200-??? bytes we get: File . Error 0x80040e14 caught while processing query Nothing written to the event log. Were you testing patch/unpatched? Brett-----Original Message----- From: H D Moore [mailto:sflist () digitaloffense net] Sent: Thursday, 14 March 2002 17:31 To: RWXLabs; bugtraq () securityfocus com; vuln-dev () securityfocus com; secure () microsoft com Subject: Re: idq.dll problem?? On Wednesday 13 March 2002 06:13 pm, RWXLabs wrote:Hello, In some tests carried through with servers IIS5, I found the following problem. When requesting the URL: ww.server.com/null.ida?= The server returned the following message: File . Error 0x80040e14 caught while processing queryInteresting. That error is normally thrown by the ODBC handler anytime an invalid/misformed query is made in an ASP script. The error message translates into "The command contained one or more errors". Check out this URL:http://www.adopenstatic.com/faq/80040e14.asp
Current thread:
- idq.dll problem?? RWXLabs (Mar 13)
- Re: idq.dll problem?? H D Moore (Mar 14)
- RE: idq.dll problem?? Brett Moore (Mar 14)
- Re: idq.dll problem?? RWXLabs (Mar 14)
- Re: idq.dll problem?? Dave Aitel (Mar 14)
- RE: idq.dll problem?? Brett Moore (Mar 14)
- <Possible follow-ups>
- RE: idq.dll problem?? Jim Harrison (SPG) (Mar 15)
- Re: idq.dll problem?? H D Moore (Mar 14)