[Previous] [Next] [Index]
[Thread]
NT WWW Vulnerabilities?
The interesting thing about the IIS server is that you don't even have
to have a .BAT file in order to elicit the bug. Calling a URL that
references a nonexistent .BAT file works just fine.
IIS has announced the new version fixes this problem. I suggest you
download it.
Lincoln
A. P. Harris writes:
>
>
> [You (Stan Orchard)]
> >Please excuse if this has been asked a lot. Just got on this list. We're
> >interested in any security weaknesses in NT 3.51 running Website or the
> >MS IIS. I perused the archive for this list and can find no references.
> >I've been told this has been discussed here recently. Any thoughts would
> >be appreciated.
>
> Don't know about website, but Netscape's NT server and MS IIS both have a
> security "cave" (bigger than a hole). If you put a batch file in any area
> which can execute CGI (say, http://nt.host.com/cgi-bin/test.bat) one can run
> arbitrary DOS commands (http://nt.host.com/cgi-bin/test.bat&?dir).
>
> Hopefully this will be fixed soon. For now, I'd recommend turning all your
> batch files into .com files with a program called bat2exec. Search archie
> for bat2exec.zip. Works fine, even for running Perl out of batch files.
>
> .....A. P. Harris...apharris@onShore.com...<URL:http://www.onShore.com/>
>
>
>
References: