Bugtraq mailing list archives
Re[2]: [NTSEC] ! [ADVISORY] Major Security Hole in MS ASP
From: daragh_malone () TELECOM IE (daragh_malone () TELECOM IE)
Date: Tue, 25 Feb 1997 17:12:00 GMT
Just modified the registry entry to deal with ".ASP." files. However, this doesn't protect against ".ASP.." or ".ASP...", etc. You'd have to add a number of entries, up to the MAXLENGTH of the URL, if there is one, for each server script. Best bet is a separate folder as mentioned below. ______________________________ Reply Separator _________________________________ Subject: Re: [NTSEC] ! [ADVISORY] Major Security Hole in MS ASP Author: Mitja Kolsek <mitja.kolsek () IJS SI> at csgnet Date: 25/02/97 16:44 I suppose there's a simpler solution for those who want to protect their asp, .idc & .htx files that are so well mixed among regular .htm files. In your registry, under IIS ScriptMapping (HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/W3SVC/Parameters/Scrip tMapping) (could be this is not _quite_ exact, but you'll find it) Create a string value named ".ASP." (note the ending dot) and copy its data from ".ASP" value already present in this registry key if you're running IIS 3.0. This successfully renders the 'dot attack' ineffective. Apply this procedure to all script extensions. Nevertheless I suggest moving all script files to a separate folder, so use this technique only as a temporary measure. There will soon be another security hole in the wild so it's better to be prepared.
Current thread:
- Security hole in Solaris 2.5 (sdtcm_convert) + exploit Cristian SCHIPOR (Feb 22)
- Re: Security hole in Solaris 2.5 (sdtcm_convert) + exploit Casper Dik (Feb 22)
- <Possible follow-ups>
- Re: Security hole in Solaris 2.5 (sdtcm_convert) + exploit Adam Morrison (Feb 23)
- Re: Security hole in Solaris 2.5 (sdtcm_convert) + exploit Shumon Huque (Feb 23)
- Re: Security hole in Solaris 2.5 (sdtcm_convert) + exploit Brian Parent (Feb 24)
- CIAC Bulletin H-32: HP-UX ppl Core Dump Vulnerability Aleph One (Feb 24)
- IRIX 5.3 /var/rfindd/fsdump - exploit Chris Sheldon (Feb 25)
- Re: IRIX 5.3 /var/rfindd/fsdump - exploit Yuri Volobuev (Feb 25)
- Re[2]: [NTSEC] ! [ADVISORY] Major Security Hole in MS ASP daragh_malone () TELECOM IE (Feb 25)
- ** >= Ascend 5.0A SECURITY ALERT ** Kit Knox (Feb 26)
- Re: Security hole in Solaris 2.5 (sdtcm_convert) + exploit Shumon Huque (Feb 23)
- libX11 David Sacerdote (Feb 24)