Vulnerability Development
mailing list archives
RE: IIS 4.0 leaking files?
From: "Colby Marks" <Colby () DigitalJunction Com>
Date: Thu, 2 Aug 2001 20:22:00 -0400
I could not reproduce this on IE 5.5 Win2k Svr or Netscape 4.7.
I tested asp files on IIS5 SP2 and IIS5 SP1 Win2k Svr.
-Colby
-----Original Message-----
From: hypoclear () jungle net [mailto:hypoclear () jungle net]
Sent: Thursday, August 02, 2001 2:46 PM
To: vuln-dev () securityfocus com
Subject: IIS 4.0 leaking files?
I posted this to bugtraq, but I'm not sure if it
will be posted, so I will post here too...
---
I recently viewed a web page on a server running IIS 4.0 and
accidentally appended a \ after the url. This to my surprise caused
the page to download. This occurred under Netscape 4.6 (IE5 appears
to ignore the \). I was wondering if anyone else could confirm this
behavior. It is not my server so I cannot do extensive testing on it,
so I'm bringing it to the community. The file that downloaded was a
.html file, however I am curious if appending a \ has the possibility
of downloading .asp's or .cgi's. If that was true it would be a
definite security hole. Email me hypoclear () jungle net or the list
with any findings.
hypoclear