[19726] in bugtraq
Re: Microsoft - Personal Web Server Extended UNICODE Directory
daemon@ATHENA.MIT.EDU (Dinos Pastos)
Tue Mar 20 14:28:27 2001
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-ID: <002501c0b0ff$b8bcbda0$2a741fd4@cytanet.com.cy>
Date: Tue, 20 Mar 2001 07:35:54 +0200
Reply-To: Dinos Pastos <dinopio@LINUX.COM.CY>
From: Dinos Pastos <dinopio@LINUX.COM.CY>
To: BUGTRAQ@SECURITYFOCUS.COM
----- Original Message -----
From: "Microsoft Security Response Center" <secure@microsoft.com>
To: "Dinos Pastos" <dinopio@linux.com.cy>; <BUGTRAQ@SECURITYFOCUS.COM>
Cc: "Microsoft Security Response Center" <secure@microsoft.com>
Sent: Monday, March 19, 2001 10:17 PM
Subject: RE: Microsoft - Personal Web Server Extended UNICODE Directory
Traversal Vulnerability
> Hi All -
>
> Personal Web Server is, of course, not intended to host web sites on the
> Internet. It's only intended to be used in protected environments such
> as home networks and the like. If you're hosting an Internet site, IIS
> is the appropriate product to use. Regards,
I Never said that I used Win9X with PWS to host a Website... I am trying to
point out that Win9x users that installed PWS on there machine (either just
to see what it is) can be exposed to this hole...
I am sure that alot of PWS users are out there, not as profesional servers,
but as testing machines...
A quick ip ranged port scan on port 80 on my local ISP showed over 100 PWS
servers running with the default HTML PWS uses...
This means that users install PWS without even using it...
A Windows Update would be nice...
> Scott Culp
> Security Program Manager
> Microsoft Security Response Center
>
> -----Original Message-----
> From: Dinos Pastos [mailto:dinopio@LINUX.COM.CY]
> Sent: Sunday, March 18, 2001 2:16 AM
> To: BUGTRAQ@SECURITYFOCUS.COM
> Subject: Microsoft - Personal Web Server Extended UNICODE Directory
> Traversal Vulnerability
>
>
> Hi all...
>
> Just wanted to point out that while testing my Default installation of
> Windows 98 running Microsoft Personal Web Server that came with the
> Windows98 SE CD I discovered that the famous IIS 4/5 Unicode Directory
> Traversal Vulnerability applies also to this Server just as bad as in
> IIS.
>
> The exploit method is the same :
> http://PWS-server/scripts/..%c1%9c../windows/notepad.exe
>
> I wont go in to detail on how to exploit a Windows machine... (Sorry
> script kiddies)...
>
> Patches: Dunno.
> Quickfixes: Use Linux.
>
> Dinos Pastos - dinopio@linux.com.cy
> Security Advisor
>
