Penetration Testing mailing list archives
Re: Webhits.dll arbitrary file retrieval Vulnerability
From: Jian Hui Wang <jhwang () gosecure ca>
Date: 3 Mar 2005 19:09:22 -0000
In-Reply-To: <55d0d8e305030223257757f25c () mail gmail com> 1) for Webhits.dll It is possible that they patched the system but still have htw ISAPI mapping. If you cannot exploit them, classify it as a false postive but do suggest your client unmapping the mapping. 2) For log Put the link at browser and download it ( save it to your disk). Find a software to crack it. Correct me if I am wrong. Jian Hui Wang, M.Sc, CSE, CCSE, CCNA Security Analyst Gosecure Inc. Venez consulter notre portail SecInfo pour les dernières nouvelles en sécurité: http://www.gosecure.ca/SecInfo/index.html
Current thread:
- Webhits.dll arbitrary file retrieval Vulnerability Maverick The Techie (Mar 03)
- Re: Webhits.dll arbitrary file retrieval Vulnerability H D Moore (Mar 03)
- <Possible follow-ups>
- Re: Webhits.dll arbitrary file retrieval Vulnerability Jian Hui Wang (Mar 03)