Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Date: Fri, 17 Mar 2000 18:30:05 +0700
From: Vanja Hrustic <vanja@relaygroup.com>
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: [SAFER 000317.EXP.1.5] Netscape Enterprise Server and '?wp' tags

__________________________________________________________

      S.A.F.E.R. Security Bulletin 000317.EXP.1.5
__________________________________________________________


TITLE    : Netscape Enterprise Server and '?wp' tags
DATE     : March 17, 2000
NATURE   : Remote user can obtain list of directories on Netscape
Enterprise Server
AFFECTED : Netscape Enterprise Server 3.x

PROBLEM:

Problem exists in Netscape Enterprise Server that can allow remote user
to obtain list of directories and subdirectories on the server.

DETAILS:

Netscape Enterprise Server with 'Web Publishing' enabled can be tricked
into displaying the list of directories and subdirectories, if user
supplies certain 'tags'. For example:

http://home.netscape.com/?wp-cs-dump

will reveal the contents of the root directory on that web server.
Contents of subdirectories can be obtained as well. Other tags that can
be used are:

?wp-ver-info
?wp-html-rend
?wp-usr-prop
?wp-ver-diff
?wp-verify-link
?wp-start-ver
?wp-stop-ver
?wp-uncheckout

FIXES:

Disable 'Web Publishing'. It is safe to assume that 'Web Publishing' is
not the only feature that will 'activate' this problem. We have found
few servers running Netscape Enterprise Server that did not have 'Web
Publishing' enabled, but were still vulnerable to this problem. Until
Netscape makes an official response and clarify what is the cause of
this problem, it is advised that you test your server against this
vulnerability, and if you are vulnerable, try to disable certain
features and services.

Netscape has been contacted on many occasions, but has failed to
respond.

__________________________________________________________

   S.A.F.E.R. - Security Alert For Entreprise Resources
          Copyright (c) 2000 The Relay Group
 http://safer.siamrelay.com  ---  security@relaygroup.com
__________________________________________________________

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

ПОДПИШИСЬ НА ЖУРНАЛ Linux Format 2012! Журнал "Linux Format" (Линукс Формат)- Единственный в России и странах СНГ журнал на русском языке, посвящённый Linux и свободному ПО. Журнал для IT-директоров, IT-менеджеров, программистов, системных администраторов, учителей школ и преподавателей ВУЗов и всех пользователей ПК. В каждом выпуске: Новости индустрии OpenSource, обзоры новинок свободного ПО, обучающие и методические статьи. Каждый, кто оформит подписку, получает бонусы и подарки- объёмные наклейки на системный блок, диск с архивом номеров за 2005-2011 г.г. и ежемесячно электронную версию журнала в pdf-формате. Оформить подписку на год