
.NET / IIS absolute path disclosure vulnerability

Published: 2007-02-09 Author: (not given) Source: reposted
Title: Microsoft ASP.NET May Disclose Web Directory to Remote Users in Certain Cases
Description: If the ASP.NET application does not filter the error message, the web
directory information may be disclosed to remote users by using an unavailable file
which starts with "~".

Hi, I'm Soroush Dalili from GrayHatz Security Group (GSG). I found a new thing in .NET
Framework Version: 1.1 (.ASPX Files).
If error mode in .NET configuration is on, running an unavailable aspx file that starts with
"~" can cause showing the full path in browsers.
For Example: Http://[URL]/~foo.aspx
------------------------------------------------------------------------
Note: Version 2 does not have this bug and it returns "file does not exist".

Vendor URL: www.microsoft.com
Version: 1.1
Solution: Update to version 2 or enable error filtering
Finder: Soroush Dalili
Team: GSG [GrayHatz Security group]
Web: grayhatz.net
Country: Iran
Email: Irsdl[a.t]yahoo[d.o.t]com
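The "enable error filtering" mitigation the advisory names is the `<customErrors>` element in the application's web.config. The fragment below is an added example and is not part of the advisory or of any vendor documentation; it places the weak setting (commented out) next to the hardened one. The redirect target `GenericError.htm` is an assumed file name.

```xml
<!-- Added example of the "enable error filtering" mitigation from the advisory above;
     not part of the original post. ASP.NET 1.x web.config fragment.
     GenericError.htm is an assumed file name: create a static page with no server details. -->
<configuration>
  <system.web>

    <!-- WEAK: detailed framework error pages are sent to every client, so a request
         for a nonexistent "~foo.aspx" answers with an error page that includes the
         site's physical path. Left commented out here as the setting to avoid. -->
    <!--
    <customErrors mode="Off" />
    -->

    <!-- HARDENED: remote clients only ever receive the generic page; full error
         details stay visible only when browsing from the server itself. "On" would
         hide them from local requests as well and is the stricter choice for production. -->
    <customErrors mode="RemoteOnly" defaultRedirect="GenericError.htm">
      <error statusCode="404" redirect="GenericError.htm" />
      <error statusCode="500" redirect="GenericError.htm" />
    </customErrors>

  </system.web>
</configuration>
```

To confirm the setting took effect, request a nonexistent page such as `~check.aspx` against your own site from a machine other than the server and verify that the response is the generic page with no drive letter or directory names in it; repeating the request on the server itself should still show the detailed error, which is what `RemoteOnly` means.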


Search a search engine for inurl:aspx, open any of the links, and append ~fly_ocean.aspx to the URL; the absolute path is then disclosed.

For example:
http://www.fodonline.com/qihuoju/default.aspx~fly_ocean.aspx
用于监视的文件名无效:“D:\aaa\qihuoju\default.aspx~fly_ocean.aspx”。用于监视的文件名必须具有绝对路径,并且不包含通配符。
版本信息: Microsoft .NET Framework 版本:1.1.4322.2300; ASP.NET 版本:1.1.4322.2300
