Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Novell volume changing?

Novell volume changing?

From: Charlie Liserne <Chili_at_SexMagnet.com>
Date: Mon, 07 Jan 2002 18:43:54 +0100

Dear all,

We are pen-testing a Novel 5.x webserver with the source page disclosure
problem (http://www.securityfocus.com/archive/1/246358).

We have been trying to get other volume indexing than SYS: We know that
there are more Volumes, and we know some of the file names of it, but we
aren't able to get to jump from SYS: to ANOTHER:

We tried something like:

http://server/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/viewcode.jse+
httplist+httplist/../../../../../ANOTHER:/file.ncf

and other variants, but it doesn't work. Please, do you know if it's
possible to disclosure another volume information too?

Regards,
Charlie.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Jan 07 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]