WebServer Pro All Version Vulnerability

2001-03-20T00:00:00
ID SECURITYVULNS:DOC:1403
Type securityvulns
Reporter Securityvulns
Modified 2001-03-20T00:00:00

Description

-- WebSite Pro 2.5.4/all versions Vulnerability -- March 15, 2001

Website Pro, all versions, reveals the web directory with a simple

character similar to the past vulnerability but all have been fixed

except this one.

Example:

www.target.com/:/ <-this will reveal the exact location

403 Forbidden File for URL /:/ (E:\webdir\:) cannot be accessed: The filename, directory name, or volume label syntax is incorrect.

(code=123)

No fix yet.

~~~~~~~~~~~~~~~~~~~~ Wildman www.hackcanada.com wildman@hackcanada.com