Sambar Server alert!
From: gf () CYBCOM NET (Georgi Chorbadzhiyski)
Date: Wed, 23 Feb 2000 15:52:10 +0200
The Sambar Server is a multi-threaded HTTP, FTP and
Proxy server for Windows NT and Windows 95.
All versions of Sambar server running under Windows NT 4.0 and
Windows 2000. Windows 98 version is vulnerable.
The default installation of Sambar server puts two .BAT files,
ECHO.BAT and HELLO.BAT, into the server's /CGI-BIN/ directory.
These are simple files with just one "echo" command in them.
However under Windows NT these files can cause a lot of trouble.
The problem, IMHO, lies in CMD.EXE; the example follows:
You'll see a nice listing of your C: drive :-))
Sambar server runs with Administrator privileges under NT so
even if you use NTFS, you still will be affected.
Delete any .BAT files in the /CGI-BIN/ directory of your Sambar server.
This bug was discovered by Georich Chorbadzhiyski and Nikolay Tsvetkov.
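
A log check to go with the advice above, as an added example that is not part of the original post: it flags requests for batch files under /cgi-bin/ in a web access log, so an administrator can see whether ECHO.BAT, HELLO.BAT or any other .BAT file was requested before it was deleted. It assumes the log is in Common Log Format; the function name `batch_cgi_hits` and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumption: Common Log Format, request field is "METHOD target PROTOCOL".
CLF = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                 r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')
BATCH_EXT = (".bat", ".cmd")  # file types handed to CMD.EXE on Windows NT

def batch_cgi_hits(lines):
    """Return (ip, timestamp, decoded_path, has_query, status) for every
    request that names a batch file under /cgi-bin/."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # not a parseable access-log line
        raw_path, _, query = m.group("target").partition("?")
        # Decode %xx escapes and fold case: Windows file names are
        # case-insensitive, so /CGI-BIN/ECHO.BAT and /cgi-bin/%65cho.bat
        # both reach the same file.
        path = unquote(raw_path).replace("\\", "/").lower()
        segments = [s for s in path.split("/") if s]
        if len(segments) < 2 or segments[0] != "cgi-bin":
            continue
        # Windows ignores trailing dots and spaces in a file name, and
        # segments after the script name may be extra path info.
        if any(s.rstrip(". ").endswith(BATCH_EXT) for s in segments[1:]):
            hits.append((m.group("ip"), m.group("ts"), path,
                         bool(query), int(m.group("status"))))
    return hits

# Constructed sample log lines (documentation IP ranges, benign requests).
SAMPLE = [
    '192.0.2.10 - - [23/Feb/2000:15:40:01 +0200] "GET /index.html HTTP/1.0" 200 1043',
    '198.51.100.7 - - [23/Feb/2000:15:41:12 +0200] "GET /cgi-bin/hello.bat HTTP/1.0" 200 12',
    '198.51.100.7 - - [23/Feb/2000:15:41:30 +0200] "GET /CGI-BIN/ECHO.BAT?x=1 HTTP/1.0" 200 15',
    '203.0.113.5 - - [23/Feb/2000:15:42:02 +0200] "GET /cgi-bin/%65cho.bat HTTP/1.0" 200 15',
    '192.0.2.10 - - [23/Feb/2000:15:43:00 +0200] "GET /cgi-bin/search.pl?q=a HTTP/1.0" 200 300',
    '192.0.2.10 - - [23/Feb/2000:15:44:00 +0200] "GET /docs/setup.bat HTTP/1.0" 404 0',
]

if __name__ == "__main__":
    for ip, ts, path, has_query, status in batch_cgi_hits(SAMPLE):
        note = "with query string" if has_query else "no query string"
        print(f"{ts}  {ip}  {path}  status={status}  ({note})")
```

Any hit that carries a query string and returned status 200 is the first thing to review, since the batch file was actually run with caller-supplied input.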