Bugtraq mailing list archives
FW: Personal web server - Temporary Fix
From: Ollie () DELPHISCONSULT CO UK (Ollie Whitehouse)
Date: Wed, 20 Jan 1999 14:12:53 -0000
Seems to be a quick fix: System: Microsoft Windows 98 PWS: 98 Shipped Edition I have allowed directory browsing and was succesfully allowed to exploit this hole on my local machine. Once this was deselected received the error:
Directory listing denied although granted this is not a complete fix, due to the fact that people that know the file name(s) they want to retrieve (i.e. PWL, Registry or what ever) can still do so, but it quick and people have to know the directory layout of your PC.
Rgds Ollie ----/ Ollie Whitehouse I.T Co-Ordinator Delphis Consulting VOX : 0171 692 7689 (Direct Dial) VOX : 0171 916 0200 (Switchboard) FAX : 0171 916 1590 (Main) E-M : ollie () delphisconsult co uk /---- -----Original Message----- From: Sean Coates [SMTP:sean () SPATULA ML ORG] Sent: Tuesday, January 19, 1999 10:38 PM To: BUGTRAQ () NETSPACE ORG Subject: Re: Personal web server Michael Howard wrote:the frontpage team are looking at it now - as sean noted, the iiscodebasein pws does not have this issue. i'll fwd more info to this alias assoon asi get more info from the fp team. Cheers, MH IIS SecurityIt seems that servers which are branded "IIS" _DO_ have the problem, and servers branded with "PWS" do NOT have the problem. For instance, the server at 24.231.6.49 returns a server version of "Microsoft-PWS-95/2.0" yet the server at 24.231.6.205 returns "Microsoft-IIS/4.0" and the server at 24.231.6.2(www.ebci.ca) returns "Microsoft-IIS/4.0 Beta 3". the *.49 server is not vulnerable, and neither is the *.2 server, but the *.205 server IS vulnerable (I told the admin of this machine about the problem, so it may be fixed by the time this reaches bugtraq.) By talking to the admin of each server, I've concluded that the *.49 server is a downloaded version of PWS, running on windows98, the *.205 server is PWS from the windows98 CD (OEM, as far as I know), running on Win98, and the *.2 server is actually IIS, running on Windows NT Server 4. Sorry about the confusion of my earlier post, hope this clears it up. My luck, it'll probably just make it worse. (-; Sean Coates sean () spatula ml org scoates () usa net
Current thread:
- Re: Another web-based mail reader hole, (continued)
- Re: Another web-based mail reader hole Peter van Dijk (Jan 19)
- Re: Sendmail 8.8.x/8.9.x bugware Michal Zalewski (Jan 18)
- Re: Sendmail 8.8.x/8.9.x bugware Nic Bellamy (Jan 19)
- NetBSD Security Advisory 1999-001: select(2)/accept(2) race Luke Mewburn (Jan 20)
- Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race Alan Cox (Jan 23)
- Mirc 5.5 'DCC Server' hole Spikeman (Jan 24)
- Re: Mirc 5.5 'DCC Server' hole Sandro Jurado (Jan 26)
- Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race Casper Dik (Jan 25)
- Announcement: Wietse's FTP site has moved Wietse Venema (Jan 25)
- Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race Alan Cox (Jan 23)
- Keeping Solaris up-to-date: summary John RIddoch (Jan 20)
- FW: Personal web server - Temporary Fix Ollie Whitehouse (Jan 20)
- Nobo and Netbuster Dos Wolfgang Gassner (Jan 20)
- Re: Nobo and Netbuster Dos Flavio Veloso (Jan 21)
- Quake 2 Server Crash Leif Sawyer (Jan 20)
- NetBSD Security Advisory 1999-001: select(2)/accept(2) race D. J. Bernstein (Jan 20)
- Sendmail 8.8.x/8.9.x bugware Gregory Neil Shapiro (Jan 20)
- CFP: New Security Paradigms Workshop 1999 Crispin Cowan (Jan 21)
- Re: Sendmail 8.8.x/8.9.x bugware Phil Stracchino (Jan 21)
- Re: Sendmail 8.8.x/8.9.x bugware Phil Stracchino (Jan 21)
- linux crashes irix6.3 Philipp Schott (Jan 22)
- Re: linux crashes irix6.3 J.A. Gutierrez (Jan 23)