According to the Xerox Corporate Website: DocuShare lets team members use your corporate intranet or extranet to set up a virtual information-sharing environment. Here, users can easily post, retrieve, and search for information that resides in familiar nested folders. And they can adapt DocuShare to suit the specific needs of any workgroup or project. DocuShare gives you instant and controlled access to information. Read and write permission rights are granted and maintained by the workgroup itself. There's no need for a Webmaster to convert documents to HTML or PDF before posting or updating information. And users can see at a glance which documents are new and revised. By default, anonymous users can create an account or group and upload files at will. Aside from uploading a malicious HTML document, and potentially exposing unknowing users, the internal IP address of the server running DocuShare can also be revealed. Using the Upload Helper Utility, it is possible to gain information about the server which is hosting DocuShare. <------------SNIP----------> DS: 192.168.1.13 URL: http://192.168.1.13:80/dscgi/ds.py/ApplyUpload/Collection-10 <http://192.168.1.13/dscgi/ds.py/ApplyUpload/Collection-10> Proxy: File: Exploit.html (1955967 bytes) Start 22:12:46 Sep 30, 02 Finish 4507 msec (result code 200) Terminate 4517 msec since 1st upload <------------SNIP----------> Depending on the Anti-Virus program in use files sent to the server are not checked for viruses. When using Trend Micro with the real-time scan enabled and with updated virus definitions it did not identify any of the viruses or malicious HTML code that was sent. Tested in Version 2.2 Workgroup (Build 180) Ryan Purita Network Security Analyst Totally Connected Ltd. 1308 S.E. Marine Drive, Vancouver, B.C., V5X 4K4 ryan@totally-connected.com Phone: 604-432-7828 Fax: 604-432-6773 *************************************************************************************************** ----Notice Regarding Confidentiality of Transmission ---- *************************************************************************************************** This message is intended only for the person to which it is addressed and may contain information that is privileged and confidential. If you are not the intended recipient, you are hereby notified that any dissemination or copying of this communication is prohibited. Please notify us of the error in communication by telephone (604-432-7828) or by return e-mail and destroy all copies of this communication. Thank you. ***************************************************************************************************
This archive was generated by hypermail 2b30 : Thu Oct 03 2002 - 13:26:30 PDT