[9129] in bugtraq
Re: Personal web server
daemon@ATHENA.MIT.EDU (Sean Coates)
Tue Jan 19 20:11:06 1999
Date: Tue, 19 Jan 1999 18:37:55 -0400
Reply-To: Sean Coates <sean@SPATULA.ML.ORG>
From: Sean Coates <sean@SPATULA.ML.ORG>
X-To: Michael Howard <mikehow@microsoft.com>
To: BUGTRAQ@NETSPACE.ORG
Michael Howard wrote:
> the frontpage team are looking at it now - as sean noted, the iis codebase
> in pws does not have this issue. i'll fwd more info to this alias as soon as
> i get more info from the fp team.
>
> Cheers, MH
> IIS Security
>
It seems that servers which are branded "IIS" _DO_ have the problem, and
servers branded with "PWS" do NOT have the problem. For instance, the server at
24.231.6.49 returns a server version of "Microsoft-PWS-95/2.0" yet the server at
24.231.6.205 returns "Microsoft-IIS/4.0" and the server at
24.231.6.2(www.ebci.ca) returns "Microsoft-IIS/4.0 Beta 3".
the *.49 server is not vulnerable, and neither is the *.2 server, but the *.205
server IS vulnerable (I told the admin of this machine about the problem, so it
may be fixed by the time this reaches bugtraq.)
By talking to the admin of each server, I've concluded that the *.49 server is a
downloaded version of PWS, running on windows98, the *.205 server is PWS from
the windows98 CD (OEM, as far as I know), running on Win98, and the *.2 server
is actually IIS, running on Windows NT Server 4.
Sorry about the confusion of my earlier post, hope this clears it up.
My luck, it'll probably just make it worse. (-;
Sean Coates
sean@spatula.ml.org
scoates@usa.net
