[23661] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Active Perl path reveal

daemon@ATHENA.MIT.EDU (alan fong)
Mon Dec 31 13:57:49 2001

Date: 31 Dec 2001 17:31:10 -0000
Message-ID: <20011231173110.4215.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: alan fong <alan.fong@city.ottawa.on.ca>
To: bugtraq@securityfocus.com

In-Reply-To: <20011229185339.24430.qmail@mail.securityfocus.com>

Any extension that IIS maps to C:\perl\bin\Perl.exe 
causes this problem (not necessarily .pl).

You can define a custom error page for 502 errors to 
hide your path. 

You can also map to C:\perl\bin\PerlIS.dll  but there 
are some differences so don't blame me if anything 
blows up.

Cheers.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[23661] in bugtraq

Re: Active Perl path reveal

daemon@ATHENA.MIT.EDU (alan fong)Mon Dec 31 13:57:49 2001

daemon@ATHENA.MIT.EDU (alan fong)
Mon Dec 31 13:57:49 2001