Vulnerability Development mailing list archives
Re: IIS 4.0 leaking files?
From: "Stanley G. Bubrouski" <stan () ccs neu edu>
Date: Thu, 2 Aug 2001 22:04:15 -0400 (EDT)
On 2 Aug 2001, hypoclear wrote:
I posted this to bugtraq, but I'm not sure if it will be posted, so I will post here too...
It won't be. If this was posted to Bugtraq I would expect the next event to occur would be hell freezing over and the end of the world.
--- I recently viewed a web page on a server running IIS 4.0 and accidently appended a \ after the url. This to my suprise caused the page to download. This occured under Netscape 4.6 (IE5 appears to ignore the \). I was wondering if anyone else could confirm this behavior. It is not my server so I
I can. It is called normal dumb browser behaviour, not big webserver security hole. You want a hole, dig one, you are going nowhere with this.
cannot do extensive testing on it, so I'm bringing it to the community. The file that downloaded was a .html file, however I am curious if appending a \ has the possibility of downloading .asp's or .cgi's. If that was
Why not try it? You'd see that it doesn't work. The only time appending characters to the end of an ASP would download it would be if the person was running IIS 4.0 and the ASP resided on a mapped drive and the admin didn't install a patch from way back in 98. I doubt that is the case here. The reason the file was downloaded is because netscape is stupid. End of story. IE didn't download the file not because it ignored the slash...when you add a slash it assumes you want the directory /index.html/ which could be a valid directory...the webserver however did remove the slash.
true it would be a definite security hole. Email me hypoclear () jungle net or the list with any findings.
Good call.
hypoclear
I love that name, I'm making a nameplate and putting it on my door. -Stan -- Stan Bubrouski stan () ccs neu edu 23 Westmoreland Road, Hingham, MA 02043 Cell: (617) 835-3284
Current thread:
- IIS 4.0 leaking files? hypoclear (Aug 02)
- Re: IIS 4.0 leaking files? ___cliff rayman___ (Aug 02)
- Re: IIS 4.0 leaking files? Ian Stoba (Aug 02)
- Re: IIS 4.0 leaking files? Stanley G. Bubrouski (Aug 02)
- Re: IIS 4.0 leaking files? Michel Arboi (Aug 03)
- Re: IIS 4.0 leaking files? Stanley G. Bubrouski (Aug 03)
- Re: IIS 4.0 leaking files? Michel Arboi (Aug 03)
- RE: IIS 4.0 leaking files? Colby Marks (Aug 02)
- <Possible follow-ups>
- RE: IIS 4.0 leaking files? Johnson, Michael (Aug 02)