Computer Security
securityvulns.ru



Related information

  Microsoft plugged a hole in IIS

  Security Bulletin (MS00-019)

From: rain forest puppy <rfp_(at)_WIRETRIP.NET>
Date: 08.04.2000
Subject: More info on MS00-019

In usual tradition, little information is to be had about the "Virtualized
UNC Share" problem talked about in MS00-019.  Luckily, MS was nice enough
to submit an extra post to Bugtraq to give Adam Coyne credit.

Anyways, for those of you interested in the problem, making a request for
a file with a trailing '\' from a virtual directory hosted on a UNC share
will cause the source to be given.  So, for example:

Virtual directory: /test/ -> \\some_server\share\
There exists \\some_server\share\test.asp

Now a simple request such as "GET /test/test.asp\ HTTP/1.0" will yield the
source of test.asp.

- rain forest puppy

ps. No, I'm not dead.  Fun stuff coming up *very* soon. :)
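
A detection sketch for the request pattern described in the post, added here as an example and not part of the original message or any vendor tooling: it scans W3C extended-format web server logs for requests to script files followed by a trailing backslash, raw or percent-encoded. The field list, the script-extension list and the sample log lines are constructed assumptions, and the code assumes the server logs the request path as received.

```python
from urllib.parse import unquote

# Script extensions whose source should never be served raw (assumed list).
SCRIPT_EXT = (".asp", ".asa", ".inc")

def parse_w3c(lines):
    """Yield one dict per log record, keyed by the names in the #Fields header."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):
                yield dict(zip(fields, values))

def is_trailing_backslash_request(uri_stem):
    """True if the path names a script file followed by one or more backslashes."""
    path = uri_stem
    # Decode repeatedly so %5c and %255c are treated like a literal backslash.
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    stripped = path.rstrip("\\")
    return stripped != path and stripped.lower().endswith(SCRIPT_EXT)

def find_suspect_requests(lines):
    """Return (client, path, status) for every matching request."""
    return [(r["c-ip"], r["cs-uri-stem"], r["sc-status"])
            for r in parse_w3c(lines)
            if is_trailing_backslash_request(r.get("cs-uri-stem", ""))]

# Constructed sample log (documentation addresses, not real traffic).
SAMPLE_LOG = r"""#Version: 1.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2000-04-08 10:00:01 192.0.2.10 GET /test/test.asp 200
2000-04-08 10:00:05 192.0.2.10 GET /test/test.asp\ 200
2000-04-08 10:00:09 198.51.100.7 GET /test/test.asp%5c 200
2000-04-08 10:00:12 198.51.100.7 GET /images\ 404
""".splitlines()

if __name__ == "__main__":
    for hit in find_suspect_requests(SAMPLE_LOG):
        print(*hit)
```

A hit with a 200 status on a virtual directory that maps to a UNC share is the case worth checking against the patch level described in MS00-019.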
