Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: RE: IIS 4.0 leaking files?

RE: IIS 4.0 leaking files?

From: Colby Marks <Colby_at_DigitalJunction.Com>
Date: Thu, 2 Aug 2001 20:22:00 -0400

I could not reproduce this on IE 5.5 Win2k Svr or Netscape 4.7
I tested asp files on IIS5 SP2 and IIS5 SP1 win2k Svr.

-Colby

-----Original Message-----
From: hypoclear_at_jungle.net [mailto:hypoclear_at_jungle.net]
Sent: Thursday, August 02, 2001 2:46 PM
To: vuln-dev_at_securityfocus.com
Subject: IIS 4.0 leaking files?

I posted this to bugtraq, but I'm not sure if it
will be posted, so I will post here too... 

---
I recently viewed a web page on a server running 
IIS 4.0 and accidently appended a \
after the url. This to my suprise caused the page 
to download. This occured under
Netscape 4.6 (IE5 appears to ignore the \). I was 
wondering if anyone else could
confirm this behavior. It is not my server so I 
cannot do extensive testing on it, so I'm
bringing it to the community. The file that 
downloaded was a .html file, however I am
curious if appending a \ has the possibility of 
downloading .asp's or .cgi's. If that was
true it would be a definite security hole. Email 
me hypoclear_at_jungle.net or the list with
any findings.
hypoclear
Received on Aug 03 2001
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos