[14892] in bugtraq
Re: shtml.exe reveal local path of IIS web directory
daemon@ATHENA.MIT.EDU (Matt Carothers)
Mon May 15 03:36:24 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.BSI.4.05L.10005131359050.9279-100000@zoom1.telepath.com>
Date: Sat, 13 May 2000 14:17:11 -0500
Reply-To: Matt Carothers <matt@TELEPATH.COM>
From: Matt Carothers <matt@TELEPATH.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <002001bfb883$3b3949e0$70bcfea9@f3t2j0>
Microsoft's frontpage module for Apache displays the same behavior.
http://www.whoever.com/_vti_bin/shtml.exe/whatever.html returns
'Cannot open "/document/root/whatever.html": no such file or folder.'
http://www.whoever.com/_vti_bin/shtml.exe/whatever.something returns
'Cannot run the FrontPage Server Extensions' Smart HTML interpreter on this
non-HTML page: "whatever.something"'
Tested on mod_frontpage/3.0.4.3
- Matt
On Mon, 8 May 2000, SMILER wrote:
> I tested this in WIN NT 4.0 and it also reveal local path of iis Web
> Directory.
>
> -----Original Message-----
> From: Frankie Zie <root@CNNS.NET>
> To: BUGTRAQ@SECURITYFOCUS.COM <BUGTRAQ@SECURITYFOCUS.COM>
> Date: Domingo, 7 de Maio de 2000 22:08
> Subject: shtml.exe reveal local path of IIS web directory
>
>
> >http://207.69.190.42/_vti_bin/shtml.exe/postinfo1.html
> >
> >We get the following message:
> >Cannot open "d:\inetpub\wwwroot\postinfo1.html": no such
> >file or folder.
> >
> >By the way, if we request file that does not exist and the
> >extention file name is not html, shtml or asp, such as
> >http://207.69.190.42/_vti_bin/shtml.exe/postinfo1.exe,
> >We'll get different message:
> >Cannot run the FrontPage Server Extensions' Smart HTML
> >interpreter on this non-HTML page: "postinfo1.exe"
