[Am-info] Microsoft IIS 5.1 Frontpage Extensions Path Disclosure Information
Fred A. Miller
fm@cupserv.org
Thu, 21 Feb 2002 15:32:44 -0500
Microsoft IIS 5.1 Frontpage Extensions Path Disclosure Information
Vulnerability
BugTraq ID: 4078
Remote: Yes
Date Published: Feb 11 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4078
Summary:

An issue has been reported that a number of configuration files (.cnf)
in Microsoft IIS 5.1 could be used to disclose sensitive system
information to remote users.

Allegedly, submitting a request for one of the vulnerable files by way
of '/_vti_pvt/' will cause the host to reveal system path information.
The reported problematic configuration files are 'access.cnf',
'botinfs.cnf', 'bots.cnf' and 'linkinfo.cnf'. Reportedly, a request
similar to the following will exploit this issue:

    GET /_vti_pvt/file.cnf

Successful exploitation of this issue could lead to the disclosure of
sensitive path information, which may assist in further attacks against
the host.

Microsoft has not confirmed the existence of these vulnerabilities.

* Conflicting details exist. This issue may be the result of a
configuration error, although this has not been confirmed.
--
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org
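
Added example, not part of the original advisory or post: one way to look for the reported requests in IIS W3C extended logs, so an administrator can see whether any of the four named files was requested and served. The log lines, the name 'example.cnf' and the function name find_cnf_requests are constructed for illustration; a 200 status shows only that the file was served, not what it contained.

```python
import re
from urllib.parse import unquote

# File names reported in the advisory (BugTraq ID 4078).
REPORTED = {"access.cnf", "botinfs.cnf", "bots.cnf", "linkinfo.cnf"}
VTI_PVT = re.compile(r"/_vti_pvt/([^/]+\.cnf)$")

def find_cnf_requests(log_lines):
    """Yield (client_ip, uri, status, served) for requests to the reported files.

    Parses IIS W3C extended logs, taking the column layout from each
    '#Fields:' directive, because the set of logged fields is configurable.
    """
    fields = []
    for line in log_lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        stem = row.get("cs-uri-stem", "")
        # IIS paths are case-insensitive; decode defensively in case the
        # stem was logged percent-encoded or with backslashes.
        normalized = unquote(stem).replace("\\", "/").lower()
        match = VTI_PVT.search(normalized)
        if match and match.group(1) in REPORTED:
            status = row.get("sc-status", "")
            yield row.get("c-ip", "-"), stem, status, status == "200"

# Constructed sample log (documentation-range addresses), not real traffic.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.1
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2002-02-21 15:01:02 192.0.2.10 GET /default.htm 200
2002-02-21 15:01:09 192.0.2.44 GET /_vti_pvt/access.cnf 200
2002-02-21 15:01:10 192.0.2.44 GET /_VTI_PVT/Linkinfo.cnf 403
2002-02-21 15:01:12 192.0.2.44 GET /%5Fvti%5Fpvt/bots.cnf 200
2002-02-21 15:01:15 198.51.100.7 GET /_vti_pvt/example.cnf 200
""".splitlines()

if __name__ == "__main__":
    for ip, uri, status, served in find_cnf_requests(SAMPLE_LOG):
        note = "served, review response for path data" if served else "not served"
        print(f"{ip} {uri} -> {status} ({note})")
```
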