Re: idq.dll problem??

[RWXLabs <rwxlabs () rwxsecurity com>]

Hi,

All the test was carried through in system with all patches applied, 
however, it is enough to request the URL:

www.server.com/null.ida?=

So that the server presents the error, being that only caracter = 
(equal) this happens!

Any ideas?

Marcos Ferreira
marcos () rwxsecurity com
RWXSecurity - Segurança na Internet
http://www.rwxsecurity.com



Brett Moore wrote:

> Made me think of the .ida bof testing that went on during the code red
> season.
>
>
> On A patched system.
> Results
> Sending 1-199 bytes yields the error:
> The IDQ file NULL.ida could not be found.
> Nothing written to the event log.
>
> Sending 200-??? bytes we get:
> File .
> Error 0x80040e14 caught while processing query
> Nothing written to the event log.
>
>
> Were you testing patch/unpatched?
>
> Brett
>
> > -----Original Message-----
> > From: H D Moore [mailto:sflist () digitaloffense net]
> > Sent: Thursday, 14 March 2002 17:31
> > To: RWXLabs; bugtraq () securityfocus com; vuln-dev () securityfocus com;
> > secure () microsoft com
> > Subject: Re: idq.dll problem??
> >
> >
> > On Wednesday 13 March 2002 06:13 pm, RWXLabs wrote:
> >
> > > Hello,
> > >
> > > In some tests carried through with servers IIS5, I found the following
> > > problem.
> > >
> > > When requesting the URL:
> > >
> > > ww.server.com/null.ida?=
> > >
> > >
> > > The server returned the following message:
> > >
> > > File . Error 0x80040e14 caught while processing query
> > Interesting. That error is normally thrown by the ODBC handler anytime an
> > invalid/misformed query is made in an ASP script. The error message
> > translates into "The command contained one or more errors".
> >
> > Check out this URL:
> http://www.adopenstatic.com/faq/80040e14.asp