List: bugtraq
Subject: IIS doesn't check existence of local file before calling CGI
From: 3APA3A <3APA3A () SECURITY ! NNOV ! RU>
Date: 2000-02-29 19:12:11
Hello,

There is another way to retrieve a full path to local files in
IIS4:

If there is an external CGI application configured for some file type
and this application doesn't produce correct HTTP headers, IIS
generates an error with the output of the application (both stdout and
stderr). The problem is that IIS doesn't check the existence of the
requested file before calling the CGI application.

For example, if perl is configured as an external CGI program for .pl
files and a user requests a nonexistent .pl file
(http://www.somehost.com/nonexistant.pl), IIS calls perl with
nonexistant.pl and generates the error message:

"<head><title>Error in CGI Application</title></head>
<body><h1>CGI Error</h1>The specified CGI application misbehaved by not
returning a complete set of HTTP headers. The headers it did return
are:<p><p><pre>Can't open perl script
"d:\inetpub\wwwroot\present\security\nonexistant.pl":
No such file or directory
</pre>"
http://www.security.nnov.ru
/\_/\
{ . . } |\
+--oQQo->{ ^ }<-----+ \
| 3APA3A U 3APA3A }
+-------------o66o--+ /
|/
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
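
A defender-side check for the disclosure described above, as an added example that is not part of the original message: it scans an HTTP response body for the IIS CGI error page and extracts any absolute local path echoed from the interpreter's output. The function name and the sample bodies are constructed for illustration; the error text is the one quoted in the message.

```python
import html
import re

# Marker sentence of the IIS "CGI Error" page quoted in the message.
CGI_ERROR_MARKER = "The specified CGI application misbehaved"

# Absolute Windows path: drive letter, colon, backslash, then path characters.
WIN_PATH_RE = re.compile(r'[A-Za-z]:\\[^"<>|?*:\r\n]+')
PRE_RE = re.compile(r"<pre>(.*?)</pre>", re.S | re.I)


def find_path_disclosure(body):
    """Return local paths leaked in an IIS CGI error page, or [] if none."""
    # Collapse whitespace so a line-wrapped marker sentence still matches.
    if CGI_ERROR_MARKER not in " ".join(body.split()):
        return []
    paths = []
    # The interpreter's stdout/stderr is echoed inside <pre>...</pre>.
    for pre in PRE_RE.findall(body):
        # The output may be HTML-escaped (&quot; instead of "), so decode it.
        for match in WIN_PATH_RE.finditer(html.unescape(pre)):
            path = match.group(0).rstrip(" .")
            if path not in paths:
                paths.append(path)
    return paths


# Constructed sample: the error page quoted in the message.
SAMPLE_LEAK = (
    "<head><title>Error in CGI Application</title></head>\n"
    "<body><h1>CGI Error</h1>The specified CGI application misbehaved by not\n"
    "returning a complete set of HTTP headers. The headers it did return\n"
    "are:<p><p><pre>Can't open perl script\n"
    r'"d:\inetpub\wwwroot\present\security\nonexistant.pl":' "\n"
    "No such file or directory\n"
    "</pre>"
)
# Constructed sample: the same page with HTML-escaped quotes.
SAMPLE_ESCAPED = SAMPLE_LEAK.replace('"', "&quot;")
# Constructed sample: an ordinary 404 page that reveals nothing.
SAMPLE_CLEAN = "<html><body><h1>404 Not Found</h1></body></html>"

if __name__ == "__main__":
    for name, body in [("leak", SAMPLE_LEAK), ("escaped", SAMPLE_ESCAPED),
                       ("clean", SAMPLE_CLEAN)]:
        print(name, find_path_disclosure(body))
```

Run it over responses from your own servers for requests to nonexistent script names; any non-empty result means the script mapping passes requests to the interpreter without first confirming the file exists.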