Re: IIS : access to cmd.exe and multiple commands on one line

• Previous message: Emre Yildirim: "Re: IIS : access to cmd.exe and multiple commands on one line"
• In reply to: Daniel Polombo: "IIS : access to cmd.exe and multiple commands on one line"
• Next in thread: Daniel Polombo: "Re: IIS : access to cmd.exe and multiple commands on one line"
• Reply: Daniel Polombo: "Re: IIS : access to cmd.exe and multiple commands on one line"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-ID: <20011024124426.73483.qmail@bsd.ultra-secure.de>
From: "Rainer Duffner" <rainer@ultra-secure.de>
To: Daniel Polombo <polombo@cartel-info.fr>
Subject: Re: IIS : access to cmd.exe and multiple commands on one line
Date: Wed, 24 Oct 2001 12:44:26 GMT

Daniel Polombo writes:

> Hello,

> It is unclear to me whether this problem happens only because of the way
> the request is made (http://path/to/cmd.exe?/c+command1&command2), or if
> there are really different versions of cmd.exe.

That may well be the case.
It gets changed during service-packs and hotfix updates.
Also, the perl-manual mentions something in the direction of "some
functionality crept in...".

Anyway, as another poster mentioned, the whole commandline-tools are not
consistent - and thus not usable beyond simple "batch-files".

cheers,
Rainer

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rainer Duffner                   Munich
rainer@ultra-secure.de          Germany
http://www.i-duffner.de        Freising
========================================
    When shall we three meet again
  In thunder, lightning, or in rain?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Previous message: Emre Yildirim: "Re: IIS : access to cmd.exe and multiple commands on one line"
• In reply to: Daniel Polombo: "IIS : access to cmd.exe and multiple commands on one line"
• Next in thread: Daniel Polombo: "Re: IIS : access to cmd.exe and multiple commands on one line"
• Reply: Daniel Polombo: "Re: IIS : access to cmd.exe and multiple commands on one line"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: faster scans? (nmap) ... one host using nmap for syn scans in burst mode with the ... >>>This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test) Re: pen test help please asap ... > Machine A on client site makes a configurable encrypted OUTBOUND ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) Re: ettercap help ... Anyways have never tried Ettercap for VNC. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) RE: CFM SQL injection ... You should better use union or alike get unauthorized data from the ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test) Re: ettercap help ... > I can get it to sniff telnet, ftp, pop, smb, but no vnc. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint