Re: Personal web server

[sean () SPATULA ML ORG (Sean Coates)]

Michael Howard wrote:

> the frontpage team are looking at it now - as sean noted, the iis codebase
> in pws does not have this issue. i'll fwd more info to this alias as soon as
> i get more info from the fp team.
>
> Cheers, MH
> IIS Security

 It seems that servers which are branded "IIS" _DO_ have the problem, and
servers branded with "PWS" do NOT have the problem. For instance, the server at
24.231.6.49 returns a server version of "Microsoft-PWS-95/2.0" yet the server at
24.231.6.205 returns "Microsoft-IIS/4.0" and the server at
24.231.6.2(www.ebci.ca) returns "Microsoft-IIS/4.0 Beta 3".

the *.49 server is not vulnerable, and neither is the *.2 server, but the *.205
server IS vulnerable (I told the admin of this machine about the problem, so it
may be fixed by the time this reaches bugtraq.)

By talking to the admin of each server, I've concluded that the *.49 server is a
downloaded version of PWS, running on windows98, the *.205 server is PWS from
the windows98 CD (OEM, as far as I know), running on Win98, and the *.2 server
is actually IIS, running on Windows NT Server 4.

Sorry about the confusion of my earlier post, hope this clears it up.
My luck, it'll probably just make it worse. (-;

Sean Coates
sean () spatula ml org
scoates () usa net