Bugtraq mailing list archives

RE: personal web server directory traversal vulnerability patch

From: "Dinos Pastos" <dinopio () linux com cy>
Date: Thu, 14 Jun 2001 23:58:08 +0300

Patch from an Unofficial Source?

I quote from site.

"Patch assembled from Microsoft files by David Raitzer
david_raitzer () hotmail com, Project Information Management Specialist,
Cornell International Institute for Food, Agriculture and Development "

This doesnt look right.
Since Microsoft never developed a patch for PWS after I submited the bug, I
would advise using a patch from an unknown source.

I am not saying the patch is a fake or that it doesnt work.

Dinos Pastos
Security Advisor
InterceptiX Security

----- Original Message -----
From: "David Raitzer" <david_raitzer () hotmail com>
To: <bugtraq () securityfocus com>
Sent: Thursday, June 14, 2001 12:08 AM
Subject: personal web server directory traversal vulnerability patch

Personal Web Server Users,

I assembled an effective patch for the UNICODE directory traversal
vulnerability issue in Microsoft Personal Web Server 4.0 for Windows

95/98,

which was noted previously on this list.  It can be downloaded at:
http://www.geocities.com/p_w_server/pws_patch/index.htm

-David Raitzer
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com

Current thread:

personal web server directory traversal vulnerability patch David Raitzer (Jun 14)
- Re: personal web server directory traversal vulnerability patch Gary Flynn (Jun 15)
- <Possible follow-ups>
- RE: personal web server directory traversal vulnerability patch Dinos Pastos (Jun 15)
- Re: personal web server directory traversal vulnerability patch Gary Flynn (Jun 18)