[Fwd: webstar servers and macintosh]

From: Wayne Dunne (wayneat_private)
Date: Thu Sep 06 2001 - 13:07:20 PDT

Next message: Bill Pennington: "Re: Testing load balanced servers behind NAT"

Previous message: Ogle Ron (Rennes): "RE: Security Audit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

attached mail follows:

Sorry, Please post for me, Can't post to the list directly but in some versions of webstar you can DOS the system by typing and "&" in the search box. If they are using the sherlock plug-in it won't work but the default install on 3 and 4 it should work. Also, try downloading the index.search page to look for restricted areas. Usually it is http://yourserver/index.search this usually reveals some good info. I accidentally crashed the Army's new website after they announced that it was switched to webstar by searching for &... That's how I discovered it... Then I tried it on one of our servers and sure enough, it worked... Joshua Burke Web Manager Heartland AEA 11 "Time is an illusion. Lunchtime doubly so." -----Original Message----- From: Wayne Dunne [mailto:wayneat_private] Sent: Wednesday, September 05, 2001 2:21 PM To: pen-testat_private Subject: Re: webstar servers and macintosh 1. Check to see if the log files are protected by a realm. the default is http://yourserver/webstar.log or http://yourserver/logs/webstar.log 2. There is a buffer overflow in a version of webstar, i think its 3.x, its in the vuln db @ secfocus but their seach is down. You could use that as a DoS. 3. download the remote admin tools for Web* and Eims and try the usual passwords etc... other than that there isnt much you can do to a mac...no shell. scan for remote admin tools like timbuktoo. see if guest can send notes or knock for a reply. the is a buffer overflow in timbuktoo Ver 4.8 (i think) telnet to port 407 and pipe a large text file to it will crash the machine. if i think of more i'll add it wayne "Shea, Tim" wrote: > Hello, > > We are doing a pen-test for a small firm running WebSTAR 3.0.1 and Eudora > Internet Mail Server 3.0 ... Does anyone have any suggestions for these > services or general tips for pen-testing macintosh networks? > > Thanks. > T > > --------------------------------------------------------------- ------------- > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please see: > https://alerts.securityfocus.com/ ----------------------------------------------------------------- ----------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/

Next message: Bill Pennington: "Re: Testing load balanced servers behind NAT"
Previous message: Ogle Ron (Rennes): "RE: Security Audit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 16:07:30 PDT