[22250] in bugtraq
webridge application suite gives up too much error information on
daemon@ATHENA.MIT.EDU (john.leitch@bt.com)
Wed Aug 15 11:44:43 2001
Message-ID: <844656D13E94D411A38100508B9565B6076A8DB8@sbayecex002.solutions.bt.com>
From: john.leitch@bt.com
To: bugtraq@securityfocus.com
Cc: jleitch@btinternet.com
Date: Wed, 15 Aug 2001 09:50:51 +0100
MIME-Version: 1.0
Content-Type: text/plain
Hi.
I accidently come across this error yesterday. Im not sure what to class it
as but it sure is a bug of some kind. This occurred because I tried to view
some pages on the site and forgot to remove the trailing slash so it had //
at the end of the URL.
Still it should not give up this information (internal ip.......). I have
removed the ipaddress and domain.
Regards
John Leitch
============================================================================
============================================
Internal Server Error
An internal server error occurred while trying to retrieve the page you
requested, http://www.somedomain.com/somedomainPilot/Login/Login//.
The internal error code is: -1
----------------------------------------------------------------------------
----
BrowserType
Browser Netscape
Version 4.00
Frames TRUE
Tables TRUE
BackgroundSounds FALSE
VBScript FALSE
JScript TRUE
Request.QueryString
errorCode = -1
redirect = http://www.somedomain.com/somedomainPilot/Login/Login//
Request.Form
Request.Cookies
Request.ClientCertificate
Request.ServerVariables
ALL_HTTP = HTTP_ACCEPT:image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword,
*/* HTTP_ACCEPT_LANGUAGE:en-gb HTTP_CONNECTION:Keep-Alive
HTTP_HOST:www.somedomain.com HTTP_USER_AGENT:Mozilla/4.0 (compatible; MSIE
6.0b; Windows NT 5.0) HTTP_ACCEPT_ENCODING:gzip, deflate
ALL_RAW = Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword,
*/* Accept-Language: en-gb Connection: Keep-Alive Host: www.somedomain.com
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0)
Accept-Encoding: gzip, deflate
APPL_MD_PATH = /LM/W3SVC/1/ROOT
APPL_PHYSICAL_PATH = D:\wwwroot\
AUTH_PASSWORD =
AUTH_TYPE =
AUTH_USER =
CERT_COOKIE =
CERT_FLAGS =
CERT_ISSUER =
CERT_KEYSIZE =
CERT_SECRETKEYSIZE =
CERT_SERIALNUMBER =
CERT_SERVER_ISSUER =
CERT_SERVER_SUBJECT =
CERT_SUBJECT =
CONTENT_LENGTH = 0
CONTENT_TYPE =
GATEWAY_INTERFACE = CGI/1.1
HTTPS = off
HTTPS_KEYSIZE =
HTTPS_SECRETKEYSIZE =
HTTPS_SERVER_ISSUER =
HTTPS_SERVER_SUBJECT =
INSTANCE_ID = 1
INSTANCE_META_PATH = /LM/W3SVC/1
LOCAL_ADDR = 192.168.4.21
LOGON_USER =
PATH_INFO = /_WOM/somedomainpilot/Open/UnhandledError.asp
PATH_TRANSLATED = E:\Program
Files\Webridge\Mainspan\InetPub\Webr\somedomainpilot\Open\UnhandledError.asp
QUERY_STRING =
errorCode=-1&redirect=http://www.somedomain.com/somedomainPilot/Login/Login/
/
REMOTE_ADDR = X.X.X.X
REMOTE_HOST = X.X.X.X
REMOTE_USER =
REQUEST_METHOD = GET
SCRIPT_NAME = /_WOM/somedomainpilot/Open/UnhandledError.asp
SERVER_NAME = www.somedomain.com
SERVER_PORT = 80
SERVER_PORT_SECURE = 0
SERVER_PROTOCOL = HTTP/1.1
SERVER_SOFTWARE = Microsoft-IIS/4.0
URL = /_WOM/somedomainpilot/Open/UnhandledError.asp
HTTP_ACCEPT = image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword,
*/*
HTTP_ACCEPT_LANGUAGE = en-gb
HTTP_CONNECTION = Keep-Alive
HTTP_HOST = www.somedomain.com
HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0)
HTTP_ACCEPT_ENCODING = gzip, deflate
