Vulnerability Development mailing list archives
Re: IIS 4.0 leaking files?
From: Michel Arboi <arboi () yahoo com>
Date: Fri, 3 Aug 2001 12:28:58 +0200 (CEST)
--- "Stanley G. Bubrouski" <stan () ccs neu edu> a écrit :
I can. It is called normal dumb browser behaviour
No. This behaviour does not come from the browser. Try to telnet to some IIS web server, send it a GET or a HEAD request on /index.htm and /index.htm/ and see how the content type changes from "text/html" to "application/octet-stream". The server is doing this. BTW, this work with \ or / too.
not big webserver security hole.
Well, I could not download any ASP with this. I did not try other extensions.
The reason the file was downloaded is because netscape is stupid.
No the reason is that IIS is buggy. Not a big bug apparently, but something dirty.
/index.html/ which could be a valid directory...the webserver however did remove the slash.
It removed the slash but somehow decided that the extension of the URI was "html/". "htm" or "html" should be sent as "text/html", but it has no rule for "html/"; so it reverts to the default "application/octet-stream" type. Just my 0.02 EUR
hypoclearI love that name, I'm making a nameplate and putting it on my door.
Could we have a discount if we buy several at once? :) ___________________________________________________________ Do You Yahoo!? -- Vos albums photos en ligne, Yahoo! Photos : http://fr.photos.yahoo.com
Current thread:
- IIS 4.0 leaking files? hypoclear (Aug 02)
- Re: IIS 4.0 leaking files? ___cliff rayman___ (Aug 02)
- Re: IIS 4.0 leaking files? Ian Stoba (Aug 02)
- Re: IIS 4.0 leaking files? Stanley G. Bubrouski (Aug 02)
- Re: IIS 4.0 leaking files? Michel Arboi (Aug 03)
- Re: IIS 4.0 leaking files? Stanley G. Bubrouski (Aug 03)
- Re: IIS 4.0 leaking files? Michel Arboi (Aug 03)
- RE: IIS 4.0 leaking files? Colby Marks (Aug 02)
- <Possible follow-ups>
- RE: IIS 4.0 leaking files? Johnson, Michael (Aug 02)