IIS volunrability scan results
From: Juan B (juanbabi_at_yahoo.com)
Date: 12/22/04
- Previous message: Mandelcorn, Seymour: "Recover SCO UNIX root password"
- Next in thread: Andrew Shore: "RE: IIS volunrability scan results"
- Maybe reply: Andrew Shore: "RE: IIS volunrability scan results"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 22 Dec 2004 06:36:47 -0800 (PST) To: security-basics@securityfocus.com
HI,
I ran whcc against one of my company's web site (IIS).
this is what I reciecved:
Exploit: /./
Description: Appending '/./' to a directory may reveal
php source code.
Exploit: /?sql_debug=1
Description: The PHP-Nuke install may allow attackers
to enable debug mode and disclose sensitive
information by adding sql_debug=1 to the query string.
Exploit: /?"><script>alert("Vu
is this critical? can some one please expain or give
some links so Ican understand those results?
thanks very much !
__________________________________
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
http://promotions.yahoo.com/new_mail
- Previous message: Mandelcorn, Seymour: "Recover SCO UNIX root password"
- Next in thread: Andrew Shore: "RE: IIS volunrability scan results"
- Maybe reply: Andrew Shore: "RE: IIS volunrability scan results"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
