| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <003d01ca88aa$6e08aa80$4a19ff80$@org> Date: Tue, 29 Dec 2009 15:14:46 -0200 From: "Nelson Brito" <nbrito@...ure.org> To: "'Crash - DcLabs'" <crashbrz@...il.com>, <bugtraq@...urityfocus.com> Subject: RE: Tests about semicolon zero-day (BID 37460) @hdmoore: Exploiting Microsoft IIS with Metasploit: http://bit.ly/52oJoE (ASP;JPG bug). Cheers. /* * $Id: .siganture,v 1.3 2009-12-11 09:22:54-02 nbrito Exp $ * * Author: Nelson Brito <nbrito [at] sekure [dot] org> Copyright(c) 2004-2009 Nelson Brito. All rights reserved worldwide. http://fnstenv.blogspot.com */ > -----Original Message----- > From: Crash - DcLabs [mailto:crashbrz@...il.com] > Sent: Monday, December 28, 2009 8:28 PM > To: bugtraq@...urityfocus.com > Subject: Tests about semicolon zero-day (BID 37460) > > Tests about semicolon zero-day (BID 37460) > > Tests in Windows XP SP3 and IIS 5.1 > The results are: > 18:21:18 172.16.5.79 GET /t.asp;.jpg 200 > The file founded, but not interpreted! IIS print the asp souce code at > screen. > > Testing in 2003 Server IIS 6.0 SP 2 works perfect! the .jpg is > interpreted as .asp > 2009-12-28 18:56:37 W3SVC1 172.16.5.79 GET /t.asp;.jpg - 80 - > 172.16.6.16 Mozilla/4.0+(compatible;+MSIE+ > 8.0;+Windows+NT+5.2;+Trident/4.0;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+.N > ET+CLR+3.0.04506.30;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+C > LR+3.5.30729) > 200 0 0 > > Testing in 2008 Server IIS 7.0 SP1 > Return same Windows XP, source code printed at screen. > > ------------------- > Crash > DcLabs
Powered by blists - more mailing lists