Bugtraq mailing list archives
Allaire JRun ACL bypassing/soure disclosure vulnerability
From: Gregory Duchemin <c3rb3r () hotmail com>
Date: 3 Dec 2001 07:54:26 -0000
In-Reply-To: <009a01c1792a$d8a23160$0205a8c0@athlon> hi, just an add on for the Jrun indexing vulnerability, the same %3f.jsp trick allows to view server scripts sources by using : GET /scripts.asp%3f.jsp HTTP/1.0 and can be used to bypass IIS directories ACLs too while indexing the content and/or viewing files. GET /ACL-protected/%3f.jsp tested on IIs 4.0 Have a nice day Gregory
Current thread:
- Allaire JRun ACL bypassing/soure disclosure vulnerability Gregory Duchemin (Dec 03)