NT WWW Vulnerabilities?

• To: "A. P. Harris" <apharris@onshore.com>
• Subject: NT WWW Vulnerabilities?
• From: Lincoln Stein <lstein@kaa.crbm.cnrs-mop.fr>
• Date: Mon, 11 Mar 1996 10:52:45 +0100
• Cc: Stan Orchard <stano@halcyon.com>, www-security@ns2.rutgers.edu
• In-Reply-To: <199603081635.KAA13978@burrito.onShore.com>
• References: <Pine.ULT.3.91.960306075410.29196B-100000@coho.halcyon.com> <199603081635.KAA13978@burrito.onShore.com>

The interesting thing about the IIS server is that you don't even have
to have a .BAT file in order to elicit the bug.  Calling a URL that
references a nonexistent .BAT file works just fine.

IIS has announced the new version fixes this problem.  I suggest you
download it.

Lincoln

A. P. Harris writes:
 > 
 > 
 > [You (Stan Orchard)]
 > >Please excuse if this has been asked a lot. Just got on this list. We're 
 > >interested in any security weaknesses in NT 3.51 running Website or the 
 > >MS IIS. I perused the archive for this list and can find no references. 
 > >I've been told this has been discussed here recently. Any thoughts would 
 > >be appreciated.
 > 
 > Don't know about website, but Netscape's NT server and MS IIS both have a 
 > security "cave" (bigger than a hole).  If you put a batch file in any area 
 > which can execute CGI (say, http://nt.host.com/cgi-bin/test.bat) one can run 
 > arbitrary DOS commands (http://nt.host.com/cgi-bin/test.bat&?dir).
 > 
 > Hopefully this will be fixed soon.  For now, I'd recommend turning all your 
 > batch files into .com files with a program called bat2exec.  Search archie 
 > for bat2exec.zip.  Works fine, even for running Perl out of batch files.
 > 
 > .....A. P. Harris...apharris@onShore.com...<URL:http://www.onShore.com/>
 > 
 > 
 > 

• NT WWW Vulnerabilities?
• From: Stan Orchard <stano@halcyon.com>
• NT WWW Vulnerabilities?
• From: "A. P. Harris" <apharris@onshore.com>

• Previous: Re: Java "security holes'
• Next: Re: Java "security holes'
• Index(es):
  • Index
  • Thread