[NT] Falcon Web Server Unauthorized File Disclosure Vulnerability
From: support@securiteam.comDate: 05/27/02
- Previous message: support@securiteam.com: "[REVS] SQL Injection Walkthrough"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: Mon, 27 May 2002 07:48:40 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Falcon Web Server Unauthorized File Disclosure Vulnerability
------------------------------------------------------------------------
SUMMARY
<http://www.blueface.com/> Falcon Web Server is a desktop web server
capable of running a small / medium website with a typical load of up to
50-80 hits per minute. The server has the ability to execute ISAPI and
WinCGI applications from virtual directories. A security vulnerability in
the product allows attackers to gain access to password-protected
directories.
DETAILS
Vulnerable systems:
* Falcon Web Server version 2.0
Due to a flaw in Falcon Web Server for Windows, it is possible for a user
to gain read access of known password protected files residing on a Falcon
Web Server host.
http://host//protectedfolder/
(Note the extra / after the hostname)
ADDITIONAL INFORMATION
The information has been provided by <mailto:ts@securityoffice.net> Tamer
Sahin.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[REVS] SQL Injection Walkthrough"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- [NT] Falcon Web Server Authentication Circumvention Vulnerability
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... Falcon Web Server is an
ISAPI and WinCGI ... Falcon Web Server supports virtual directory mapping and allows the
server ... Requesting the same directory as 'http://server//test/ ' however, ...
(Securiteam) - [NT] Poisoning Cached HTTPS Documents in Internet Explorer
... Get your security news from a reliable source. ... "poison" a user's browser
cache with a malicious document that will later ... The attacker can exploit this vulnerability
for "replacing" HTML ... to communicate with a malicious web server over HTTPS without
the browser ... (Securiteam) - [NT] Webserver 4D Weak Password Preservation Vulnerability
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... complete Web Server environment
written entirely on top of 4th Dimension, ... WS4D web server saves the passwords
somewhere insecure. ... (Securiteam) - Re: 2003 Web Server Security flaw
... "Locked-down windows 2003 Web Server used only to host web sites". ... What
is your logic/rationale for Media Player being a required install ... The Media Player
patch was the ONLY that FAILED. ... > When talking about computer security, there
are areas that have no such ... (microsoft.public.windows.server.security) - Web session tracking security prob. Vulnerable: IIS and ColdFusion (maybe others)
... SECURITY PROBLEMS WITH WEB SERVERS' SESSION TRACKING MECHANISMS. ... 2001 we
reported the following problem (with specifics to IIS and SITESERVER) to the Microsoft Security
Response Center. ... These vulnerabilities, especially when combined with well-known cross-site
scripting vulnerabilities, could cause loss of confidentiality, failure of non-repudiation and fraud.
... The browser stores and returns the "ASPSESSIONID" or "CFID/CFTOKEN" values with each subsequent
request to the web server. ... (Vuln-Dev)
