WebApp Sec mailing list archives

directory traversal and cmd.exe

From: Robin Wood <robin () digininja org>
Date: Tue, 10 May 2011 23:29:16 +0100

Can anyone tell me which version of IIS fixed this style of vulnerability?

http://server.com/scripts/..%5c../Windows/System32/cmd.exe?/c+dir+c:\

A few people have been talking about it recently but I've never come
across it in tests despite hitting some quite old servers. From what I
can find reading round it was IIS 4 and 5 but I'm guessing would have
been patched well before 6 came out.

Robin



This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

Current thread:

directory traversal and cmd.exe Robin Wood (May 10)
- Re: directory traversal and cmd.exe Robin Wood (May 10)
  - RE: directory traversal and cmd.exe Jeremi Gosney (May 12)
- Re: directory traversal and cmd.exe Jonathan Younie (May 12)