iis4.path.txt

1999-12-10T00:00:00
ID PACKETSTORM:10200
Type packetstorm
Reporter security.nnov.ru
Modified 1999-12-10T00:00:00

Description

                                        
                                            `Hello,  
  
There is another one way to retrieve a full path to local files in  
IIS4:  
  
If there is external CGI application configured for some file type  
and this application doesn't produce correct HTTP headers IIS  
generates an error with output of application (both stdout and  
stderror). The problem is, that IIS doesn't check existance of the  
requested file before calling CGI application.  
  
For example, if perl configured as an external CGI program for .pl  
files and user requests nonexistent .pl file  
(http://www.somehost.com/nonexistant.pl) IIS calls perl with  
nonexistant.pl, and generates error message:  
  
  
"<head><title>Error in CGI Application</title></head>  
<body><h1>CGI Error</h1>The specified CGI application misbehaved by not  
returning a complete set of HTTP headers. The headers it did return  
are:<p><p><pre>Can't open perl script  
"d:\inetpub\wwwroot\present\security\nonexistant.pl":  
No such file or directory  
</pre>"  
  
  
http://www.security.nnov.ru  
/\_/\  
{ . . } |\  
+--oQQo->{ ^ }<-----+ \  
| 3APA3A U 3APA3A }  
+-------------o66o--+ /  
|/  
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*  
  
  
`