Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: Disable Parent Paths
From: gary () NEWSLETTERS COM (Gary Geisbert)
Date: Mon, 31 Jan 2000 15:48:57 -0500


*snip*

my question: What security hole/hack does this create if left enabled?.

*snip*


That all depends on how well the box is already configured.. =/  However,
one of the most notable problems is with Allow Parent Paths enabled, an ASP
script using the FileSystemObject coupled with Server.MapPath(), can open up
the source for scripts/files (or even worse, write something into the other
scripts/files).

This was illustrated in an advisory released by l0pht a few months ago,
which used a script that IIS installs by default.  It used the sample file
(showcode.asp I believe) to open up files like global.asa, which could
reveal database user/pass's as well as all sorts of information.

Gary Geisbert
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Senior Systems Engineer      gary () newsletters com
Newsletters.com              http://www.newsletters.com
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]