[1596] in WWW Security List Archive
NT WWW Vulnerabilities?
daemon@ATHENA.MIT.EDU (A. P. Harris)
Sat Mar 9 21:36:17 1996
To: Stan Orchard <stano@halcyon.com>
cc: www-security@ns2.rutgers.edu
In-reply-to: Your message of Wed, 06 Mar 1996 07:55:52 PST.
<Pine.ULT.3.91.960306075410.29196B-100000@coho.halcyon.com>
Date: Fri, 08 Mar 1996 10:35:29 -0600
From: "A. P. Harris" <apharris@onshore.com>
Errors-To: owner-www-security@ns2.rutgers.edu
[You (Stan Orchard)]
>Please excuse if this has been asked a lot. Just got on this list. We're
>interested in any security weaknesses in NT 3.51 running Website or the
>MS IIS. I perused the archive for this list and can find no references.
>I've been told this has been discussed here recently. Any thoughts would
>be appreciated.
Don't know about website, but Netscape's NT server and MS IIS both have a
security "cave" (bigger than a hole). If you put a batch file in any area
which can execute CGI (say, http://nt.host.com/cgi-bin/test.bat) one can run
arbitrary DOS commands (http://nt.host.com/cgi-bin/test.bat&?dir).
Hopefully this will be fixed soon. For now, I'd recommend turning all your
batch files into .com files with a program called bat2exec. Search archie
for bat2exec.zip. Works fine, even for running Perl out of batch files.
.....A. P. Harris...apharris@onShore.com...<URL:http://www.onShore.com/>
