FW: Personal web server - Temporary Fix

From: Ollie Whitehouse (Ollieat_private)
Date: Wed Jan 20 1999 - 06:12:53 PST

Next message: Marc Slemko: "Re: Bug in IIS and PWS but only for Windows 9x. Re: Personal web"

Previous message: John RIddoch: "Keeping Solaris up-to-date: summary"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Seems to be a quick fix:
>
> System:
> Microsoft Windows 98
>
> PWS:
> 98 Shipped Edition
>
> I have allowed directory browsing and was succesfully allowed to exploit
> this hole on my local machine.
>
> Once this was deselected received the error:
Directory listing denied

although granted this is not a complete fix, due to the fact that people
that know the file name(s) they want to retrieve (i.e. PWL, Registry or what
ever) can still do so, but it quick and people have to know the directory
layout of your PC.


> Rgds
>
> Ollie
> ----/
> Ollie Whitehouse
> I.T Co-Ordinator
> Delphis Consulting
> VOX : 0171 692 7689 (Direct Dial)
> VOX : 0171 916 0200 (Switchboard)
> FAX : 0171 916 1590 (Main)
> E-M : ollieat_private
> /----
>
> -----Original Message-----
> From: Sean Coates [SMTP:seanat_private]
> Sent: Tuesday, January 19, 1999 10:38 PM
> To:   BUGTRAQat_private
> Subject:      Re: Personal web server
>
> Michael Howard wrote:
>
> > the frontpage team are looking at it now - as sean noted, the iis
> codebase
> > in pws does not have this issue. i'll fwd more info to this alias as
> soon as
> > i get more info from the fp team.
> >
> > Cheers, MH
> > IIS Security
> >
>
>  It seems that servers which are branded "IIS" _DO_ have the problem, and
> servers branded with "PWS" do NOT have the problem. For instance, the
> server at
> 24.231.6.49 returns a server version of "Microsoft-PWS-95/2.0" yet the
> server at
> 24.231.6.205 returns "Microsoft-IIS/4.0" and the server at
> 24.231.6.2(www.ebci.ca) returns "Microsoft-IIS/4.0 Beta 3".
>
> the *.49 server is not vulnerable, and neither is the *.2 server, but the
> *.205
> server IS vulnerable (I told the admin of this machine about the problem,
> so it
> may be fixed by the time this reaches bugtraq.)
>
> By talking to the admin of each server, I've concluded that the *.49
> server is a
> downloaded version of PWS, running on windows98, the *.205 server is PWS
> from
> the windows98 CD (OEM, as far as I know), running on Win98, and the *.2
> server
> is actually IIS, running on Windows NT Server 4.
>
> Sorry about the confusion of my earlier post, hope this clears it up.
> My luck, it'll probably just make it worse. (-;
>
> Sean Coates
> seanat_private
> scoatesat_private

Next message: Marc Slemko: "Re: Bug in IIS and PWS but only for Windows 9x. Re: Personal web"
Previous message: John RIddoch: "Keeping Solaris up-to-date: summary"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:29:25 PDT