[14354] in bugtraq
Re: Enumerate Root Web Server Directory Vulnerability for IIS 4.0
daemon@ATHENA.MIT.EDU (Chris Paget)
Mon Mar 20 07:28:48 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-Id: <3.0.5.32.20000317092905.0098d6c0@bluetit.analysys.co.uk>
Date: Fri, 17 Mar 2000 09:29:05 +0000
Reply-To: Chris Paget <chris.paget@ANALYSYS.COM>
From: Chris Paget <chris.paget@ANALYSYS.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <007201bf89dc$a18dd2e0$056fee3f@spis.net>
At 09:32 09/03/2000 -0600, you wrote:
>BugTraq,
>
> I was recently auditing the security on one of my web servers when I came
>across a new Extension Enumerate Root Web Server Directory Vulnerability for
>IIS 4.0. Going to the main website and asking for anything.idq I get the
>page cannot be found. But if the files for the web server reside on a share
>the full network path is found.
>
>The Exploit:
>
>On the shared network drive, http://server/anything.idq
>
>The file \\share\wwwroot\inetpub\webpage\*.idq is on a network share. IDQ,
>IDA and HTX files cannot be placed on a network share.
Confirmed in IIS 5 as well - Windows 2000 professional (build 2195), IIS 5.
Same eror message.
Chris
--
Chris Paget
Software Engineer, Analysys LTD.
chris.paget@analysys.com
