<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Re: Webtrends HTTP Server %20 bug

Re: Webtrends HTTP Server %20 bug

From: Michael Grice <grice_at_binc.net>
Date: Mon, 4 Jun 2001 12:30:52 -0500

* Auriemma Luigi <kaino3_at_genie.it> [010604 10:37] wrote:

[...]

> The bug is really simple. If the attacker insert an unicode space (%20)
> after the script file, the server think that the file requested is not a
> cgi script and for this it shown the source; this is an example:
>
> http://host/remote_login.pl%20
>
>
> And the result is the source of "remote_login.pl".

[...]

This also appears to be a bug in the web server shipped with 3.5. While
this worked as expected for the NT version, I was not able to duplicate
the problem with the Solaris or Linux versions.

Michael Grice <grice_at_berbee.com>
Berbee Information Networks
Received on Jun 04 2001

This message: [ Message body ]
Next message: Jason DiCioccio: "Re: SSH allows deletion of other users files..."
Previous message: Georgi Guninski: "$HOME buffer overflow in SunOS 5.8 x86"
In reply to: Auriemma Luigi: "Webtrends HTTP Server %20 bug"
Next in thread: H D Moore: "Re: Webtrends HTTP Server %20 bug"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos