[12804] in bugtraq
Re: Ultimate Bulletin Board v5.3x? Bug
daemon@ATHENA.MIT.EDU (John Riddoch)
Wed Dec 1 16:00:39 1999
Mime-Version: 1.0
Content-Type: TEXT/plain; charset=us-ascii
Content-Md5: Lw3tevIMlewPrTHLF7/CGA==
Message-Id: <19991130171527.437431F7ED@lists.securityfocus.com>
Date: Tue, 30 Nov 1999 17:15:20 +0000
Reply-To: John Riddoch <jr@scms.rgu.ac.uk>
From: John Riddoch <jr@SCMS.RGU.AC.UK>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
>By default, Member files are stored in the /cgi-bin/Members directory. The
>members files are stored as numbers, with a .cgi extension, eg: 00000001.cgi
>
>Under unix, if you put in http://www.url.blah/cgi-bin/Members/00000001.cgi,
>the server will return a 500 error, however, under NT with ActivePerl (v5.07
>I believe?), it will return something like this:
>
>CGI Error
<SNIP>
>How to fix? change the members path to something more like
>xvc83nx9wy4nd0w74m3. That will solve it
Better to make it something a bit more mnemonic, eg member.data and tell the
web server not to serve it.
--
John Riddoch Email: jr@scms.rgu.ac.uk Telephone: (01224)262721
Room C6, School of Computer and Mathematical Science
Robert Gordon University, Aberdeen, AB25 1HG
Windows: The first user interface where you click Start to turn it off.
