|
Vulnerability Development
mailing list archives
Re: IIS 4.0 leaking files?
From: Michel Arboi <arboi () yahoo com>
Date: Fri, 3 Aug 2001 12:28:58 +0200 (CEST)
--- "Stanley G. Bubrouski" <stan () ccs neu edu> a écrit :
I can. It is called normal dumb browser behaviour
No. This behaviour does not come from the browser. Try to telnet to
some IIS web server, send it a GET or a HEAD request on /index.htm and
/index.htm/ and see how the content type changes from "text/html" to
"application/octet-stream".
The server is doing this.
BTW, this work with \ or / too.
not big webserver security hole.
Well, I could not download any ASP with this. I did not try other
extensions.
The reason the file was downloaded is because netscape is
stupid.
No the reason is that IIS is buggy. Not a big bug apparently, but
something dirty.
/index.html/ which could be a valid directory...the webserver
however did remove the slash.
It removed the slash but somehow decided that the extension of the URI
was "html/". "htm" or "html" should be sent as "text/html", but it has
no rule for "html/"; so it reverts to the default
"application/octet-stream" type.
Just my 0.02 EUR
hypoclear
I love that name, I'm making a nameplate and putting it on my door.
Could we have a discount if we buy several at once? :)
___________________________________________________________
Do You Yahoo!? -- Vos albums photos en ligne,
Yahoo! Photos : http://fr.photos.yahoo.com
 By Date 
By Thread
Current thread:
| 
Intro
