Re: Active Perl path reveal
From: alan fong (alan.fong@city.ottawa.on.ca)Date: 12/31/01
- Previous message: blackshell@hushmail.com: "blackshell2: zml.cgi remote exploit"
- Maybe in reply to: antoan miroslavov: "Active Perl path reveal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 31 Dec 2001 17:31:10 -0000 From: alan fong <alan.fong@city.ottawa.on.ca> To: bugtraq@securityfocus.com('binary' encoding is not supported, stored as-is)
In-Reply-To: <20011229185339.24430.qmail@mail.securityfocus.com>
Any extension that IIS maps to C:\perl\bin\Perl.exe
causes this problem (not necessarily .pl).
You can define a custom error page for 502 errors to
hide your path.
You can also map to C:\perl\bin\PerlIS.dll but there
are some differences so don't blame me if anything
blows up.
Cheers.
- Previous message: blackshell@hushmail.com: "blackshell2: zml.cgi remote exploit"
- Maybe in reply to: antoan miroslavov: "Active Perl path reveal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
