[NT] Resin DOS Device Path Disclosure

From: support@securiteam.com
Date: 07/17/02


From: support@securiteam.com
To: list@securiteam.com
Date: Wed, 17 Jul 2002 13:00:26 +0200 (CEST)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  Resin DOS Device Path Disclosure
------------------------------------------------------------------------

SUMMARY

It is possible to disclose the physical path to the web root. This
information could be useful to a malicious user wishing to gain illegal
access to resources on the server.

DETAILS

Vulnerable systems:
 * Resin 2.1.1 on Windows 2000 Server
 * Resin 2.1.2 on Windows 2000 Server

Immune systems:
 * Resin 2.1.s020711 on Windows 2000 Server

Requesting certain DOS devices, such as lpt9.xtp, results in an error
message that contains the physical path to the web root.

500 Servlet Exception
java.io.FileNotFoundException: C:\Documents and
Settings\Administrator\Desktop\resin-2.1.1\resin-2.1.1\doc\aux.xtp
(Access is denied)

Vendor response:
The vendor was notified on 22 May 2002. On 12 July, we verified that the
problem was corrected in the latest build (s020711).

Corrective action:
Upgrade to a newer version. This issue was first resolved in build
s020711, available here: <http://www.caucho.com/download/index.xtp>
http://www.caucho.com/download/index.xtp

ADDITIONAL INFORMATION

The information has been provided by <mailto:pgrundl@kpmg.dk> Peter
Gründl.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.



Relevant Pages

  • [NT] Resin Large Parameter Denial of Service
    ... * Resin 2.1.1 standalone on Windows 2000 Server ... This was reported to the vendor on the 22nd of May, ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
    (Securiteam)
  • SecurityFocus Microsoft Newsletter #154
    ... MICROSOFT VULNERABILITY SUMMARY ... ISS RealSecure Server Sensor SSL Denial Of Service Vulnerabi... ... Roger Wilco Remote Server Side Buffer Overrun Vulnerability ... available for Microsoft Windows operating systems. ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #49
    ... Subject: SecurityFocus Microsoft Newsletter #49 ... Microsoft Windows NNTP Denial of Service Vulnerability ... Microsoft IIS SSI Buffer Overrun Privelege Elevation Vulnerability ... Microsoft ISA Server H.323 Memory Leak Denial of Service... ...
    (Focus-Microsoft)
  • ~~~~~~~~~~~~~~ CANNOT FIND ~~~~~~~~~~~~~~
    ... acrobat cannot find external windows handler ... activesync cannot find exchange server ... aol internet explorer cannot find server ... brother network scanner cannot find pc ...
    (sci.geo.fluids)
  • ~~~~~~~~~~~~~~~ CANNOT FIND ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ... cannot find server or dns error ... windows cannot find null ... windows cannot find the network path ... cannot find internet explorer on computer ...
    (comp.protocols.snmp)