[12000] in bugtraq


Everyone writable IIS root directory

daemon@ATHENA.MIT.EDU (Nobuo Miwa)
Sun Sep 26 14:16:15 1999

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id:  <199909240917.CBB49202.BXONJ-@lac.co.jp>
Date:         Fri, 24 Sep 1999 09:17:24 +0900
Reply-To: Nobuo Miwa <n-miwa@LAC.CO.JP>
From: Nobuo Miwa <n-miwa@LAC.CO.JP>
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM

Hi,

We (JWNTUG (Japan Windows NT Users Group) Security Working Group)
reported to MS a kind of DoS problem on the mailroot and ftproot
directories of IIS.
Those directories (C:\Inetpub\ftproot, \mailroot) are readable
and writable for everyone.
So we tested the following script as C:\inetpub\mailroot\fill.bat

  :fill
  copy drop\*.* pickup
  goto fill

This script can be executed by any user, and the hard disk will
be filled with emails soon after some emails come into the "drop"
directory. We also tested from Terminal Server. It works well.
In addition, any user can read and write email in the drop folder.

We reported to MS and they replied as follows:

You're right -- those permissions should be tightened.
We're going to add this to the IIS Security Checklist at
http://www.microsoft.com/security/products/iis/CheckList.asp,
to make sure that customers know that they need to do this.
Thanks again for reporting the issue!  Regards,

Secure@microsoft.com

----------------------------------------------------------------
Nobuo Miwa
  A member of JWNTUG Security Working Group
    http://www.jwntug.or.jp

Special thanks to
  Hideaki Ihara <ihara@port139.co.jp>
  YOKOYAMA Tetsuya <Yokoyama.Tetsuya@GlobalKnowledge.Co.JP>
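The defensive check that follows is an added example, not part of the original post or of any Microsoft checklist. It audits the two directories named in the report for NTFS allow entries that grant Everyone (well-known SID S-1-1-0) any write, modify or full-control right, and with -Fix it breaks inheritance from C:\Inetpub (keeping a copy of the current entries) and purges the Everyone entries, so that SYSTEM and Administrators keep their access while arbitrary users lose the ability to drop files into pickup, drop or the FTP root. The default paths and the rights mask are this example's own assumptions; the post does not specify which rights Microsoft tightened.

```powershell
# Added example (not from the original post): audit IIS content roots for
# write access granted to Everyone, and optionally remove it.
# Usage:  .\Check-IisRootAcl.ps1            # report only
#         .\Check-IisRootAcl.ps1 -Fix       # report and remediate
param(
    # Assumed defaults taken from the report; pass other roots as needed.
    [string[]]$Paths = @('C:\Inetpub\ftproot', 'C:\Inetpub\mailroot'),
    [switch]$Fix
)

# Rights that let an arbitrary user create or alter files in the directory.
# Write already covers CreateFiles/AppendData; Modify and FullControl add Delete.
$WriteMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl

# Match by SID rather than by the (possibly localized) display name "Everyone".
$Everyone = New-Object System.Security.Principal.SecurityIdentifier('S-1-1-0')

foreach ($path in $Paths) {
    if (-not (Test-Path -LiteralPath $path -PathType Container)) {
        Write-Warning "$path not found, skipping"
        continue
    }

    $acl = Get-Acl -LiteralPath $path

    # Look at explicit and inherited ACEs, with identities resolved to SIDs.
    $offending = $acl.GetAccessRules($true, $true,
                     [System.Security.Principal.SecurityIdentifier]) |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            $_.IdentityReference -eq $Everyone -and
            (([int]$_.FileSystemRights -band [int]$WriteMask) -ne 0)
        }

    if (-not $offending) {
        Write-Host "$path : OK (Everyone has no write access)"
        continue
    }

    foreach ($ace in $offending) {
        $origin = if ($ace.IsInherited) { 'inherited' } else { 'explicit' }
        Write-Host ("{0} : Everyone has {1} ({2})" -f $path, $ace.FileSystemRights, $origin)
    }

    if ($Fix) {
        # Step 1: stop inheriting from the parent but keep copies of the
        # current entries, so SYSTEM/Administrators access survives.
        $acl.SetAccessRuleProtection($true, $true)
        Set-Acl -LiteralPath $path -AclObject $acl

        # Step 2: re-read (the copied entries are now explicit) and remove
        # every ACE for Everyone, then write the result back.
        $acl = Get-Acl -LiteralPath $path
        $acl.PurgeAccessRules($Everyone)
        Set-Acl -LiteralPath $path -AclObject $acl
        Write-Host "$path : removed Everyone entries and broke inheritance"
    }
}
```

Run it as an administrator; the report-only mode is safe to schedule as a recurring check, and the -Fix path deliberately removes only Everyone entries rather than rewriting the whole ACL, so any service account you have granted explicitly is untouched.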
