VisNetic WebSite Path Disclosure Vulnerability
From: Peter Kruse (kruse_at_KRUSESECURITY.DK)
Date: 07/02/03
- Previous message: Boczek, Malcolm: "Re: SP4 Problems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 2 Jul 2003 21:18:21 +0200 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Name: VisNetic WebSite Path Disclosure Vulnerability
Date: 2nd of July 2003
Software affected: VisNetic WebSite 3.5, Service release 17
(prior versions are vulnerable)
Advisory: http://www.krusesecurity.dk/advisories/vis0103.txt
Vendor: http://www.deerfield.com/download/visnetic_website/
Risk: Low
Vendor Description:
VisNetic Website, the first web server developed specifically for
Windows,
can use almost any development platform, and includes features that
allow
web developers to create powerful, flexible web sites. VisNetic WebSite
is a secure windows-based web server that supports multiple domains, and
allows TLS/SSL secured domains. This web server also includes support
for
a user database that can restrict access to content, and is immune to
many of the security issues that may arise with other popular web
servers.
Problem:
When requesting a certain file from the vti-bin from Visnetic Website,
which doesn't exist, the error message will reveal the absolute path of
the web folder on the target host's filesystem.
This URL:
http://www.somehost.com/_vti_bin/fpcount.exe/
will return the following error
(including the local path of the installed webpage):
SNIP:
500 Server Error
The server encountered an error and was unable to complete your request.
Message: Empty output from CGI program c:/localpath/_vti_bin/fpcount.exe
Please contact the server administrator at postmaster@somehost.com and
inform them
of the time the error occured, plus anything you know of that may have
caused the error.
SNIP
The data returned by Visnetic could be used by malicious users to gain
sensitive
information about configuration of the Remote host.
Solution:
The problem should, according to Visnetic, have been resolved in the
latest build of
VisNetic WebSite that is available on the Visnetic Website download
page.
This I canīt confirm.
The update can be downloaded from the Visnetic WebSite administration
console, support
tab, check for updates (at the bottom of the tab).
Kind regards
Peter Kruse
Kruse Security
http://www.krusesecurity.dk
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!
With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available. And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to
http://www.trusecure.com/offer/s0100/
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Previous message: Boczek, Malcolm: "Re: SP4 Problems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
