Vulnerability Development mailing list archives
Re: Unusal response from IIS with some file names
From: Kevin van Haaren <kevinv () HOCKEY NET>
Date: Tue, 13 Mar 2001 18:22:13 -0600
At 18:43 +0100 3/12/2001, Woch, Wojciech wrote:
Hello,

IIS v4.0 seems to give an unusual response when non-existing files ending with one of the following sequences of characters are requested:

:~n |~n ~n: ~n|

where "n" stands for a number between 0-9 (ex: GET /file:~1). Instead of the regular 404, we get

HTTP/1.1 500 Server Error
Server: Microsoft-IIS/4.0
Date: Mon, 12 Mar 2001 17:08:27 GMT
Content-Type: text/html
Content-Length: 126

<html><head><title>Error</title></head><body>The filename, directory name, or volume label syntax is incorrect. </body></html>
This may be related to NT's 8.3 short naming for DOS/Win 3.x compatibility.

From Microsoft:

Under Windows NT 3.1 NTFS, long file names are converted to 8.3 names to support DOS based clients. This conversion simply takes the first 6 characters of the long name, and uses a "~n" suffix (where "n" is number) to keep the name unique if needed. When the tenth filename is converted and the suffix exceeds 2 characters, only 5 characters of the name are used to accommodate the three characters in the suffix and so on as needed.

It could be that IIS is getting an error other than "file not found" error because NT gives a different response for filenames in what it thinks are 8.3 format.

Not sure if disabling the 8.3 name creation will fix this but here's how:

http://support.microsoft.com/support/kb/articles/Q121/0/07.asp
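
Added example, not part of the original messages: a small Python check that finds requests ending in the four reported suffixes (`:~n`, `|~n`, `~n:`, `~n|`) in a W3C extended format web log and notes whether the server answered 500. The log lines are constructed sample data, and the function name `find_suffix_requests` is an assumption of this example.

```python
import re
from urllib.parse import unquote

# Suffixes from the report: ":~n", "|~n", "~n:", "~n|" with n a single digit.
SUFFIX = re.compile(r"(?:[:|]~[0-9]|~[0-9][:|])$")

# Constructed sample in W3C extended log format (not real traffic).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2001-03-12 17:08:27 192.0.2.10 GET /file:~1 500
2001-03-12 17:08:30 192.0.2.10 GET /file%7C~2 500
2001-03-12 17:08:41 192.0.2.10 GET /docs/report~3: 500
2001-03-12 17:09:02 192.0.2.11 GET /PROGRA~1/readme.txt 200
2001-03-12 17:09:15 192.0.2.12 GET /missing.html 404
2001-03-12 17:09:20 192.0.2.12 GET /a~4| 404
"""

def find_suffix_requests(log_text):
    """Return (client, decoded_path, status, is_500) for matching requests."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]   # column names for the rows that follow
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        # Clients may percent-encode "|" as %7C, so decode before matching.
        path = unquote(row.get("cs-uri-stem", ""))
        if SUFFIX.search(path):
            status = row.get("sc-status", "")
            hits.append((row.get("c-ip", ""), path, status, status == "500"))
    return hits

if __name__ == "__main__":
    for client, path, status, is_500 in find_suffix_requests(SAMPLE_LOG):
        note = "500 as reported" if is_500 else "other status"
        print(f"{client} {path} -> {status} ({note})")
```

An ordinary short name in the middle of a path, such as `/PROGRA~1/readme.txt`, is not flagged because the pattern is anchored to the end of the requested path.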