Hi,

you can detect such a server very easily:

----------------------------------------
GET /index.html HTTP/1.0

HTTP/1.0 200 OK
Server: IBM-HTTP-Server/1.0
....
Content-Type: text/html
----------------------------------------

----------------------------------------
GET /index.html/ HTTP/1.0

HTTP/1.0 200 OK
Server: IBM-HTTP-Server/1.0
....
Content-Type: www/unknown      <------- here
----------------------------------------

A NASL Script is attached...

Regards,
Felix Huber

-------------------------------------------------------
Felix Huber, Security Consultant, Webtopia
Guendlinger Str.2, 79241 Ihringen - Germany
huberfelixat_private      (07668) 951 156 (phone)
http://www.webtopia.de    (07668) 951 157 (fax)
                          (01792) 205 724 (mobile)
-------------------------------------------------------

> IBM's HTTP Server on the AS/400 platform is vulnerable to an attack
> that will show the source code of the page -- such as an .html or .jsp
> page -- by attaching an '/' to the end of a URL.
>
> Compare these two URLs:
>
> http://www.foo.com/getsource.jsp
>
> http://www.foo.com/getsource.jsp/
>
> The latter URL will deliver the jsp source to the browser.
>
> I reported this problem to IBM approximately 9 or 10 months ago.
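The Content-Type comparison from the two transcripts above, written as an offline check over captured responses. This is an added example, not the attached NASL script and not part of the original post; the function names and the sample responses are constructed for illustration, and it assumes that a 200 reply typed `www/unknown` on the trailing-slash form is the indicator.

```python
# Added example: classify a captured response pair (page vs. page + "/").
# Sample responses below are constructed, modelled on the transcripts in the post.

def parse_response(raw):
    """Return (status_code, headers) from a raw HTTP response; header names lowercased."""
    head = raw.lstrip().replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = [ln for ln in head.split("\n") if ln.strip()]
    if not lines or not lines[0].startswith("HTTP/"):
        raise ValueError("not an HTTP response")
    parts = lines[0].split(None, 2)
    if len(parts) < 2 or not parts[1].isdigit():
        raise ValueError("malformed status line")
    headers = {}
    for ln in lines[1:]:
        name, sep, value = ln.partition(":")
        if sep:  # ignore lines that are not "Name: value"
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers

def media_type(headers):
    """Content-Type without parameters, lowercased; '' when the header is absent."""
    return headers.get("content-type", "").split(";", 1)[0].strip().lower()

def trailing_slash_indicator(plain_raw, slash_raw):
    """True when the '/'-suffixed request is answered 200 with www/unknown
    while the plain request is served with a normal media type."""
    p_status, p_headers = parse_response(plain_raw)
    s_status, s_headers = parse_response(slash_raw)
    if p_status != 200 or s_status != 200:
        return False  # e.g. 404 or redirect on the slash form: no raw file served
    return (media_type(p_headers) != "www/unknown"
            and media_type(s_headers) == "www/unknown")

# Constructed samples.
PLAIN = ("HTTP/1.0 200 OK\r\nServer: IBM-HTTP-Server/1.0\r\n"
         "Content-Type: text/html\r\n\r\n<html></html>")
SLASH = ("HTTP/1.0 200 OK\r\nServer: IBM-HTTP-Server/1.0\r\n"
         "Content-Type: www/unknown\r\n\r\n<html></html>")
SLASH_404 = ("HTTP/1.0 404 Not Found\r\nServer: IBM-HTTP-Server/1.0\r\n"
             "Content-Type: text/html\r\n\r\n")

if __name__ == "__main__":
    for label, slash in (("affected pattern", SLASH), ("slash form rejected", SLASH_404)):
        print(label, "->", trailing_slash_indicator(PLAIN, slash))
```

A server that answers the trailing-slash form with 404 or a redirect is reported as not showing the indicator, which is the behaviour to confirm after a fix is applied.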
This archive was generated by hypermail 2b30 : Thu Nov 08 2001 - 13:49:04 PST