[11573] in bugtraq


Re: FrontPage Personal Web Server

daemon@ATHENA.MIT.EDU (Kerb)
Sun Aug 29 00:36:42 1999

Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id:  <01BEEF25.114DEAA0.kerb@fnusa.com>
Date:         Wed, 25 Aug 1999 18:10:08 -0500
Reply-To: Kerb <kerb@FNUSA.COM>
From: Kerb <kerb@FNUSA.COM>
X-To:         Thomas Hsieh <tyh@corp.earthlink.net>
To: BUGTRAQ@SECURITYFOCUS.COM

Tom,
	I really don't have access to a copy of FP2000.  If someone does, and would
like to test the exploit, I'd appreciate any feedback possible.  I would
suspect that the overflow still exists, being that most/all MS products are of
little worth.  One thing that would really help in the server would be to block
access from all IPs except 127.0.0.1.

-Kerb



On Tuesday, August 24, 1999 2:44 PM, Thomas Hsieh [SMTP:tyh@corp.earthlink.net] wrote:
: Have you tested this exploit on FP2000?
:
:
: -Tom
:
: On Mon, 23 Aug 1999, Kerb wrote:
:
: > Date: Mon, 23 Aug 1999 03:28:39 -0500
: > From: Kerb <kerb@FNUSA.COM>
: > To: BUGTRAQ@SECURITYFOCUS.COM
: > Subject: FrontPage Personal Web Server
: >
: > I'm sorry if this exploit has already been released, but to the best of my
: > knowledge, it hasn't.  This is a small exploit (written in perl) that takes
: > advantage of the poor URL length handling of FrontPage 98's personal web
: > server that is executed when you open/create a "web".  This exploit will
: > work on most machines with a perl interpreter, I coded it (and tested it,
: > of course) on my Wind0ze 95 machine.  If ya have any questions or comments
: > about this script, feel free to Email me.
: >
: >
: >
: >
: > -KerberosX	:	kerb [at] linuxfreak [dot] com
: >
: >
: >
: >
: >
: >
