SV: IIS still revealing paths for web directories

[kristoffer.ustad () WINGE NO (Kristoffer Ustad)]

In my opinion this is a big deal. Forgot the RDS exploit found by Greg
Gonzalez?
In the past months a great deal of webpages have been defaced. A majority of
theme were hosted on IIS4 servers.
r.f.p. wrote an exploit I think was called msadc.pl.  What this exploit did
was letting you into a cmd /c shell. issuing a "echo" command from this
shell will able you to do uhm.. a whole lot.
including overwriting the index.htm/l file.
But, alot of lamers got their hands on this exploit, but they weren't able
to locate the index file(a lot of people rewrote the exploit so that it
scanned for the index file, probably using this bug
http://www.microsoft.com/anything.ida)

Kristoffer Ustad
Computer Consultant(in need of job)

        Vanja Hrustic wrote:

> This has been mentioned before, but it's probably good to remind
> Microsoft about some outstanding issues.
>
> Request : http://www.microsoft.com/anything.ida
> Response: The IDQ file d:\http\anything.ida could not be found.
>
> Request : http://www.microsoft.com/anything.idq
> Response: The IDQ file d:\http\anything.idq could not be found.
>
> Microsoft is running IIS5
>
> The same problem still exists on IIS4 (tested with SP5 - didn't try on
> SP6).
>
> It's not really a big deal, but they should fix it.
>
> --
>
> Vanja Hrustic
> The Relay Group
> http://relaygroup.com
> Technology Ahead of Time
***************************************************************************
This footnote confirms that this email message and any files transmitted
with it has been swept by MIMEsweeper for the presence of computer viruses.
***************************************************************************