[14014] in bugtraq
Re: Doubledot bug in FrontPage FrontPage Personal Web Server.
daemon@ATHENA.MIT.EDU (KOJIMA Hajime)
Thu Feb 24 18:00:42 2000
Message-Id: <23230.951391749@ideon.st.ryukoku.ac.jp>
Date: Thu, 24 Feb 2000 20:29:09 +0900
Reply-To: KOJIMA Hajime <kjm@RINS.RYUKOKU.AC.JP>
From: KOJIMA Hajime <kjm@RINS.RYUKOKU.AC.JP>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Your message of "Wed, 16 Feb 2000 00:15:51 +0100"
In <000801bf780a$9ad4b2e0$0100007f@localhost>,
Jan van de Rijt wrote:
| Description: Doubledot bug in FrontPage FrontPage Personal Web Server.
| Compromise: Accessing drive through browser.
| Vulnerable Systems: Frontpage-PWS32/3.0.2.926 other versions not tested.
| Details:
| When FrontPage-PWS runs a site on your c:\ drive your drive could be
| accessed by any user accessing your page, simply by requesting any file
| in any directory except the files in the FrontPage dir. specially
| /_vti_pvt/.
|
| How to exploit this bug?
| Simply adding /..../ in the URL addressbar.
It sounds like the same as:
<http://www.securityfocus.com/templates/archive.pike?list=1&msg=01bae51a$9ab232b0$0100007f@nordnode>
<http://www.microsoft.com/security/bulletins/ms99-010.asp>
----
KOJIMA Hajime - Ryukoku University, Seta, Ootsu, Shiga, 520-2194 Japan
[Office] kjm@rins.ryukoku.ac.jp, http://www.st.ryukoku.ac.jp/~kjm/
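
Added example, not part of the original message or of any Microsoft code: a server-side check that refuses dot-only URL path segments such as the `/..../` form quoted above, before the path is mapped to a file. `DOCROOT`, `fully_decode`, `resolve` and `is_allowed` are hypothetical names chosen for this sketch, and the sample paths in it are constructed.

```python
import ntpath
from urllib.parse import unquote

DOCROOT = "C:\\webroot"  # hypothetical document root (assumption for the example)


def fully_decode(s, limit=3):
    """Percent-decode until stable; refuse input nested deeper than `limit`."""
    for _ in range(limit):
        nxt = unquote(s)
        if nxt == s:
            return s
        s = nxt
    if unquote(s) != s:
        raise ValueError("excessive percent-encoding")
    return s


def resolve(url_path, docroot=DOCROOT):
    """Map a URL path to a file path under docroot, or raise ValueError."""
    path = fully_decode(url_path).replace("\\", "/")
    if "\x00" in path:
        raise ValueError("NUL byte in path")
    segments = [s for s in path.split("/") if s not in ("", ".")]
    for seg in segments:
        # Win32 drops trailing dots and spaces from names, so a segment that
        # is empty after stripping them ("..", "....", ". .") names no file.
        # ntpath.normpath only collapses "..", so "...." must be caught here.
        if seg.rstrip(". ") == "":
            raise ValueError(f"dot-only segment: {seg!r}")
        if ":" in seg:
            raise ValueError(f"drive or stream specifier: {seg!r}")
    full = ntpath.normpath(ntpath.join(docroot, *segments))
    # Second layer: the normalized result must still sit under docroot.
    root = ntpath.normcase(docroot) + "\\"
    if segments and not ntpath.normcase(full).startswith(root):
        raise ValueError("path escapes document root")
    return full


def is_allowed(url_path):
    """True if the request path resolves inside the document root."""
    try:
        resolve(url_path)
        return True
    except ValueError:
        return False
```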