Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: IBM AS/400 HTTP Server '/' attack
From: Joe Laffey <joe () laffeycomputer com>
Date: Thu, 8 Nov 2001 12:45:20 -0600 (CST)

On Thu, 8 Nov 2001, 'ken'@FTU wrote:

   IBM's HTTP Server on the AS/400 platform is vulnerable to an attack
that will show the source code of the page -- such as an .html or .jsp
page -- by attaching an '/' to the end of a URL.

[snip]

http://www.foo.com/getsource.jsp/
[snip]

Since I reported this "non-security" bug so long ago I hope it is fixed
through the regular set of changes. I cannot confirm this bug was fixed.
As far as I know this vulnerability was not yet reported to the public.

I can confirm that a server reporting 'IBM-HTTP-Server/1.0' _IS_ vulrable
to this. I do not know if updates increment that number or not...

--
Joe Laffey              |  Want to convert subnet masks between different
LAFFEY Computer Imaging |  notations, or figure the number of IPs in a block?
St. Louis, MO           |  Whatmask-It's FREE - www.laffeycomputer.com/wm.html
------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault