Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Doubledot bug in FrontPage FrontPage Personal Web Server.
From: alex () WINSTAR NET (Alexander Kiwerski)
Date: Mon, 21 Feb 2000 12:55:10 -0800


Is there a fix or patch for this bug? I haven't been able to find any
direct information on what versions aren't affected by this bug. I know a
couple of people that run small websites using this thing (unfortunately).

-Alexander Kiwerski

At 10:10 PM 2/18/00 -0500, Jeff Dafoe wrote:
On Fri, 18 Feb 2000, GALES,SIMON (Non-A-ColSprings,ex1) wrote:

        I was able to reporduce this on a PWS installation under Win98
second edition.


Jeff Dafoe
System Administrator
Evolution Communications, Inc.


Does this only occur on Win9x?  Has anyone been able to reproduce this?
Jan, which OS/SP were you running?

I vaguely remember some discussion (in BugTraq or NTBugTraq maybe?) about
using "..." and/or "...." from the command prompt, and this is probably
tied
to that problem.

G. Simon Gales
george_gales () non hp com <mailto:george_gales () non hp com>

-----Original Message-----
From: Jan van de Rijt [mailto:rijt () WISH NET]
Sent: Tuesday, February 15, 2000 6:16 PM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: Doubledot bug in FrontPage FrontPage Personal Web Server.


Description: Doubledot bug in FrontPage FrontPage Personal Web Server.
Compromise: Accessing drive trough browser.
Vulnerable Systems: Frontpage-PWS32/3.0.2.926 other versions not tested.
Details:
When FrontPage-PWS runs a site on your c:\ drive your drive could be
accessed by any user accessing your page, simply by requesting any file in
any directory except the files in the FrontPage dir. specially /_vti_pvt/.

How to exploit this bug?
Simply adding /..../ in the URL addressbar.

http://www.target.com/..../ <http://www.target.com/..../<>>
<any_dir>/<any_file>



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]