RE: [Plugins-writers] Inktomi Search Vulnerability

From: Martin O'Neal (martin.oneal@private)
Date: Tue Jul 06 2004 - 06:32:10 PDT

Spooky! I had just cut a NASL script for this last week.

The vuln has already been identified and released as:

Additionally, sending DOS device names to some web engines will cause a
DoS condition (such as older versions of the Compaq web agent), so we
concluded that the test needed to have some kind of pre-check to ensure
that the platform is Inktomi/Ultraseek before sending the /nul test.

Alternative script attached.

Martin O'Neal

-----Original Message-----
From: plugins-writers-bounces@private
[mailto:plugins-writers-bounces@private] On Behalf Of Sarju
Sent: 06 July 2004 11:39
To: deraison@private
Cc: plugins-writers@private
Subject: [Plugins-writers] Inktomi Search Vulnerability


Discovered a vulnerability in an old version of Inktomi Search:
requests using MS-DOS special file names such as nul can cause a
Python error which contains the physical path of the webroot.

The vulnerability has been fixed in the most recent version.

I have attached the test.


Sarju Bhagat
Software Engineer
Westpoint Limited
Albion Wharf, 19 Albion Street,
Manchester, M1 5LN
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: sarju@private
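
The pre-check described in the reply above, sketched as an added example (not either poster's attached NASL script): the scanner identifies the platform with a harmless request and only sends the `/nul` test when the banner matches. The banner strings, the traceback format and the `fetch` callable are assumptions made for illustration, and the sample responses are constructed.

```python
import re

# Assumption: an Inktomi/Ultraseek server names itself in its Server header.
PRODUCT_RE = re.compile(r"ultraseek|inktomi", re.I)
# Assumption: the disclosed path appears as a Python traceback frame,
# e.g.  File "C:\...\nul", line 1
TRACEBACK_PATH_RE = re.compile(r'File "([^"]+)", line \d+')


def check_host(fetch):
    """fetch(path) -> (headers: dict, body: str). Returns (status, detail)."""
    headers, _ = fetch("/")  # harmless request, used only to read the banner
    server = next((v for k, v in headers.items() if k.lower() == "server"), "")
    if not PRODUCT_RE.search(server):
        # Unknown platform: do not send the device name, since some web
        # engines fall over when asked for one (the point made in the reply).
        return ("skipped", server)
    _, body = fetch("/nul")  # the test from the thread
    match = TRACEBACK_PATH_RE.search(body)
    if match:
        return ("path-disclosed", match.group(1))
    return ("not-vulnerable", server)


def make_fake(server, nul_body, log):
    """Constructed stand-in for an HTTP client; records each path requested."""
    def fetch(path):
        log.append(path)
        body = nul_body if path == "/nul" else "<html>ok</html>"
        return ({"Server": server}, body)
    return fetch


# Constructed sample data, not captured from real servers.
OLD_BODY = 'Traceback (innermost last):\n  File "C:\\search\\docs\\nul", line 1\nIOError'
FIXED_BODY = "<html>404 Not Found</html>"

if __name__ == "__main__":
    for banner, body in [("Ultraseek/3.1", OLD_BODY),
                         ("Ultraseek/5.0", FIXED_BODY),
                         ("CompaqHTTPServer/2.1", "")]:
        sent = []
        print(banner, check_host(make_fake(banner, body, sent)), "requests:", sent)
```

Running it shows that the host with the non-matching banner only ever receives the request for `/`.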
