Bugtraq mailing list archives
Fw: [NTSEC] Netscape Server Security Hole
From: realize () TELEPORT COM (jon)
Date: Sun, 16 Aug 1998 18:38:41 -0700
FWD from ntsecurity. See ntsecurity archive for original postings:

[begin]

I am running Web servers using three different servers, Netscape Enterprise 2.0 on Solaris 2.5.1, Apache 1.2b11 on BSDI 3.0 and Netscape Enterprise 3.5.1 on NT 4.0 Server w/128-bit SP3. In testing these for the /?PageServices query, only the Netscape Enterprise 3.5.1 server running on NT [This is not limited to NT. See below, last post...] produced a directory listing of the docs root.

The Page Services function is a menu item under View in Netscape Navigator 4.xx and Communicator. All one has to do is load up a Web page, go to View on the menu bar and see if Page Services is activated. If it is, select it and you'll get back a directory listing of the Web server docs root. If there are subdirectories in this root, you can see a listing of all the files in these as well.

I have yet to look at Netscape's site for any news about this problem, but for now I have turned off the Web server using Enterprise 3.5.1.

Date: Thu, 13 Aug 1998 23:01:04 +1000
From: "Simon Johnson" <simon.johnson () shake net>
Subject: Re: [NTSEC] Netscape Server Security Hole?

TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to majordomo () iss net
Contact ntsecurity-owner () iss net for help with any problems!
---------------------------------------------------------------------------
Hello,

In relation to the /?PageServices query, I think it's a misconfiguration of the Web server. I have just finished testing 10 different Web servers for this query.

The following servers were not vulnerable:

    Netscape Enterprise 2.01
    Netscape Commerce 1.12
    Oracle Web Listener 4.0.6.2.0 Enterprise Edition
    Apache 1.2.1.
    Apache 1.2.5.
    Apache/1.3.1 (Unix) mod_perl/1.15
    Apache/1.2.6
    Domino Go Webserver 4.6

The Web servers mentioned in Tim Ehrhart's original message are running the following:

    Netscape Enterprise 2.01 - www.symantec.com
    Netscape Enterprise 3.5.1 - redirect.cnet.com

However, I did find two servers that produced a "Server Error" message. They were:

    Netscape Enterprise 3.5.1C
    Netscape Enterprise 3.5 For NetWare

I have not tested these two servers to see why they crashed. Nor am I planning to. :-)

Best regards,

Simon Johnson
Technical Director
Shake Communications
Experts in Internet and Information Security
http://www.shake.net

------------------------------

-----Original Message-----
From: Matthew Patton <patton () sysnet net>
To: ntsecurity () iss net <ntsecurity () iss net>
Date: Saturday, August 15, 1998 8:48 PM
Subject: Re: [NTSEC] Netscape Server Security Hole

:
:TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to majordomo () iss net
:Contact ntsecurity-owner () iss net for help with any problems!
:---------------------------------------------------------------------------
:
:>/?PageServices query, only the Netscape Enterprise 3.5.1 server running on
:>NT produce a directory listing of the docs root.
:
:It's potentially WAY worse than that folks. On a wild guess I hit a certain
:military related think tank's website. They run Enterprise 3.5.1 on Solaris.
:(Netcraft is quite obliging with a list of other sites that run the same
:version...)
:
:What I found was absolutely incredible! The moron who set the site up
:didn't separate the webcontent from the server configuration. So here I am
:grabbing his user and administrative password files, the works. What a
:flaming loser.
:
:Yes, he's been notified. Thankfully, of the handful of 3.5.1's I've hit
:most of them just give up a directory listing of the webroot and that's it.
:
:This PageServices thing should be a BugTraq item if it isn't already. It's
:not limited to just the NT versions.
:
:--------
:"You need only reflect that one of the best ways to get yourself a
: reputation as a dangerous citizen these days is to go around repeating
: the very phrases which our founding fathers used in their struggle for
: independence," - Charles A. Beard (American historian)
:

[end]
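
For administrators reviewing their own servers, the following is an added example (not part of the forwarded posts, and not Netscape's code) that scans access logs for requests carrying the PageServices query and sorts them by the two outcomes reported in the thread, a served response or a server error. It assumes Common Log Format; the function names, the case-insensitive match and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Assumed format: host ident user [time] "METHOD target PROTO" status bytes
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: \S+)?" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def classify(status):
    """Map the response status to the outcomes reported in the thread."""
    if status == 200:
        return "listing-possible"   # server answered the query; review what was sent
    if status >= 500:
        return "server-error"       # the "Server Error" behaviour some builds showed
    return "not-served"

def find_pageservices(lines):
    """Return one finding per request whose query string names PageServices."""
    findings = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        parts = urlsplit(m["target"])
        # Decode percent-escapes and compare case-insensitively (conservative choice).
        query = unquote(parts.query).lower()
        if "pageservices" not in query:
            continue
        findings.append({
            "host": m["host"], "time": m["time"],
            "path": parts.path or "/", "outcome": classify(int(m["status"])),
        })
    return findings

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Aug/1998:18:40:01 -0700] "GET /index.html HTTP/1.0" 200 2048',
    '192.0.2.44 - - [16/Aug/1998:18:41:12 -0700] "GET /?PageServices HTTP/1.0" 200 9312',
    '198.51.100.7 - - [16/Aug/1998:18:42:30 -0700] "GET /docs/?%50ageServices HTTP/1.0" 500 -',
    '198.51.100.7 - - [16/Aug/1998:18:43:02 -0700] "GET /?pageservices HTTP/1.0" 404 210',
    '192.0.2.10 - - [16/Aug/1998:18:44:00 -0700] "GET /PageServices.html HTTP/1.0" 200 512',
]

if __name__ == "__main__":
    for f in find_pageservices(SAMPLE_LOG):
        print(f'{f["time"]} {f["host"]} {f["path"]} -> {f["outcome"]}')
```

A "listing-possible" hit only means the server answered the query with a 200; compare the logged response size against the normal page to decide whether a listing was actually returned.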