Bugtraq mailing list archives
Re: Handler Mapped File Extensions Bug
From: DBraaten () IMG SEAGATESOFTWARE COM (Darryl Braaten)
Date: Thu, 26 Feb 1998 09:46:29 -0800
The displaying of file system path seems to be limited to IIS3 servers. The installs of IIS4 I have only returned the path as provided in the URL. http://someserver/asp/something.stm Error processing SSI file '/asp/something.stm' I could not reproduce the ability to read raw source. Perhaps the system that it was possible to read the source from did not have the . bug fix applied. Darryl -----Original Message----- From: Tanstaafl [mailto:Tanstaafl () GEOCITIES COM] Sent: Wednesday, February 25, 1998 3:00 PM To: BUGTRAQ () NETSPACE ORG Subject: Handler Mapped File Extensions Bug <SNIP> http://www.victim.com/asp/something.stm/asp/something.asp Returns the raw "something.asp" code in the directory 'd\main\WWW\asp\' This includes any other files you've included as information handlers, ( Java class files, VB files, etc...) even encrypted password files. As long as you know the file names you can access the raw code. (This also means you can download it.) I'd like to thank "Micha³ Zalewski" <lcamtuf () boss staszic waw pl> for his help in discovering this problem. I'll further investigate this problem. blaze your trail! -- David Dune Unsolicited commercial email read for $500 per message.
Current thread:
- Handler Mapped File Extensions Bug Tanstaafl (Feb 25)
- <Possible follow-ups>
- Re: Handler Mapped File Extensions Bug Darryl Braaten (Feb 26)
- Re: Handler Mapped File Extensions Bug Michal Zalewski (Feb 28)