Re: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As sistence requested.

From: Kevin Spett (kspett@spidynamics.com)
Date: Thu Dec 19 2002 - 17:46:15 EST

• Next message: Nick Jacobsen: "command-line reverse connection tunnel?"
• Previous message: Jon DeShirley: "Re: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As sistence requested."
• Maybe in reply to: Ralph Los: "Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As sistence requested."
• Next in thread: C-Foo: "Re: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As sistence requested."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Try POSTing the actual commands to it. For more info on NetWare web stuff,
check out RFP's Blackhat presentation.

Kevin Spett
SPI Labs
http://www.spidynamics.com/

> ----- Original Message -----
> From: "Ralph Los" <RLos@enteredge.com>
> To: <Pen-test@securityfocus.com>
> Sent: Wednesday, December 18, 2002 3:28 PM
> Subject: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As
> sistence requested.
>
>
> > Hey - let me re-open a thread again, if you folks don't mind. I've
found
> a
> > server at one of our pen-test clients with this NetWare HTTP/HTTPS
server.
> > I've been trying to figure out a way to make it tango, but have been
> having
> > some problems. Here's what I've tried and where I left off, maybe
someone
> > can toss some suggestions out.
> >
> > Attempt: http://address/perl/-v
> > Result: NetWare port Copyright 1998 Novell Corporation.
> > All rights reserved.
> >
> > Attempt: http://address/perl/-h
> > Result: Page not found
> >
> > Attempt: http://address/perl/-e%20print%20%22hello%20world%22;
> > Result: IE just hangs there "DONE"
> >
> > Attempt: http://address/perl/-e%20print%201;
> > Result: IE just hangs there "DONE"
> >
> > So what's up? Is this box "patched" against this form of attack
somehow?
> > Could someone throw me another idea maybe?
> >
> > Thanks a bunch.
> >
> >
>
> --------------------------------------------------------------------------
> --
> > This list is provided by the SecurityFocus Security Intelligence Alert
> (SIA)
> > Service. For more information on SecurityFocus' SIA service which
> > automatically alerts you to the latest security vulnerabilities please
> see:
> > https://alerts.securityfocus.com/
> >
> >
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Nick Jacobsen: "command-line reverse connection tunnel?"
• Previous message: Jon DeShirley: "Re: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As sistence requested."
• Maybe in reply to: Ralph Los: "Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As sistence requested."
• Next in thread: C-Foo: "Re: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As sistence requested."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:26 EDT