OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Roberto Moreno (mroberto98YAHOO.COM)
Date: Fri Mar 16 2001 - 16:44:36 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    WebServer Pro All Version Vulnerability

    Wildman
    wildmanhackcanada.com
    mroberto98yahoo.com

    __________________________________________________
    Do You Yahoo!?
    Get email at your own domain with Yahoo! Mail.
    http://personal.mail.yahoo.com/

    -- WebSite Pro 2.5.4/all versions Vulnerability -- March 15, 2001

    Website Pro, all versions, reveals the web directory with a simple

    character similar to the past vulnerability but all have been fixed

    except this one.

    Example:

    www.target.com/:/ <-this will reveal the exact location
                                    

    403 Forbidden
    File for URL /:/ (E:\webdir\:) cannot be accessed:
       The filename, directory name, or volume label syntax is incorrect.

    (code=123)

    No fix yet.

    ~~~~~~~~~~~~~~~~~~~~
    Wildman
    www.hackcanada.com
    wildmanhackcanada.com