Bugtraq mailing list archives
IIS/ASP bugs
From: dave () EDIS ORG (Dave Edis)
Date: Thu, 15 Jan 1998 14:24:04 -0800
I tried the following and the server stopped responding on ieak.microsoft.com:

http://ieak.microsoft.com/ASPSamp/Samples/code.asp?source=/ASPSamp///////Samples/hello.asp

* replace //////// with a few hundred forward slashes

Looks like any IIS server with the ASPSamp directory installed is vulnerable (or ASPs that take file paths as input).

And something else... I notice handler-mapped file extensions reveal system file paths for web directories, i.e. try (.idq, .idc, .stm, .pl, .cgi) depending on what is mapped.

Example:

http://www.microsoft.com/badidea.stm

Returns "Error processing SSI file 'd:\http\badidea.stm'"

____________________________________________________________________
Dave Edis
http://www.edis.org/
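A defensive check for the two behaviours described in this post, as an added example that is not part of the original message: it flags request URLs carrying over-long slash runs in the path or in a file-path parameter, and flags response bodies that disclose a local Windows path. The threshold `MAX_SLASH_RUN`, the function names and the host `iis.example` are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Assumed threshold: a slash run this long has no legitimate use in a file path.
MAX_SLASH_RUN = 8
SLASH_RUN = re.compile(r"[/\\]{%d,}" % MAX_SLASH_RUN)

# Windows absolute path such as d:\http\badidea.stm inside a response body.
# Segments stop at whitespace and quotes, so a path containing spaces is
# reported truncated, but it is still reported.
SEG = r"[^\\/:*?\"<>|'\s]+"
LOCAL_PATH = re.compile(r"\b[A-Za-z]:\\(?:" + SEG + r"\\)*" + SEG)


def slash_run_findings(url):
    """Return (location, run_length) for each over-long slash run in a URL.

    The path and every query value are percent-decoded first, so runs
    written as %2f or %5c are counted as well.
    """
    parts = urlsplit(url)
    fields = [("path", unquote(parts.path))]
    fields += [("query:" + key, value)
               for key, value in parse_qsl(parts.query, keep_blank_values=True)]
    findings = []
    for name, value in fields:
        for match in SLASH_RUN.finditer(value):
            findings.append((name, len(match.group())))
    return findings


def leaked_paths(body):
    """Return local filesystem paths disclosed in an error page body."""
    return LOCAL_PATH.findall(body)


if __name__ == "__main__":
    # Constructed sample inputs, modelled on the request and error text quoted above.
    sample_url = ("http://iis.example/ASPSamp/Samples/code.asp?source=/ASPSamp"
                  + "/" * 300 + "Samples/hello.asp")
    sample_body = "Error processing SSI file 'd:\\http\\badidea.stm'"
    print(slash_run_findings(sample_url))
    print(leaked_paths(sample_body))
```
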