WebApp Sec mailing list archives
extra dot on domain name gives different site
From: "Robin Wood" <dninja () gmail com>
Date: Wed, 23 Jan 2008 11:52:57 +0000
Hi I've just been looking at a site and accidentally added an extra dot to the end of the domain name, rather than getting the site I got a MS small business server 2003 admin page. e.g. http://www.site.com gives the real site http://www.site.com. gives the admin page I assume that this is something to do with IIS not parsing the url correctly so giving the default website rather than the vhost with that address. Is this a known issue? I tried to google but couldn't think what to google for! Robin ------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- extra dot on domain name gives different site Robin Wood (Jan 25)
- Re: extra dot on domain name gives different site Eric Marden (Jan 26)
- Re: extra dot on domain name gives different site Robert Hajime Lanning (Jan 26)
- Re: extra dot on domain name gives different site Robin Wood (Jan 26)
- Re: extra dot on domain name gives different site Javier Fernandez-Sanguino (Mar 10)
- Re: extra dot on domain name gives different site Robin Wood (Jan 26)