[15912] in bugtraq
Re: Roxen Web Server Vulnerability
daemon@ATHENA.MIT.EDU (Max Vision)
Sat Jul 22 19:11:57 2000
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Enip.BSO.23.0007211411310.12498-100000@www.whitehats.com>
Date: Fri, 21 Jul 2000 14:14:27 -0700
Reply-To: Max Vision <vision@WHITEHATS.COM>
From: Max Vision <vision@WHITEHATS.COM>
X-To: zorgon@SDF.FREESHELL.ORG
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000721074818.A10870@sdf.freeshell.org>
On Fri, 21 Jul 2000 zorgon@SDF.FREESHELL.ORG wrote:
> * Second problem:
> If you typed the URL: http://www.victim.com/%00/, you will see the contents of site
> in question. This vulnerability was directly tested on the Roxen's web site:
> http://www.roxen.com
>
Hi,
I ran a quick test can determined the following:
Sites NOT affected (versions according to http banner):
Roxen-Challenger/1.1
Roxen-Challenger/1.1.1
Roxen-Challenger/1.3.111
Roxen-Challenger/1.3.120
Roxen-Challenger/1.3.121
Roxen-Challenger/1.3.122
Roxen-Challenger/1.3.122-11
Roxen-Challenger/1.3.126
Roxen-Challenger/1.3.32
Roxen-Challenger/1.2.46
Roxen-Challenger/1.4.38
Roxen/2.0.29
Roxen/2.0.67 (such as www.roxen.com as of 07-21-2000)
Sites where this DOES work (neat, reminicent of ?PageServices :)
Roxen/2.0.46
Roxen/2.0.50 (current distribution available for download!)
Roxen/2.0.52
Roxen/2.0.66
Max Vision
http://whitehats.com/
