Re: Major Security Hole
This WebDNA talk-list message is from 1998
I hit the following page on your site:

http://database.columbusrealestate.com/search.tmpl

Appending the URL with _any_ string beginning with a colon (:) showed me your [include] tags. I could not duplicate this on our servers, nor on www.smithmicro.com, www.smithmicro.com, or www.webdna.net

Can you tell us a little more about your server setup (other plugins, etc)?

-Dave

At 1:09 PM 7/13/98, Paul Uttermohlen wrote:
>Major Security Hole,
>
>Earlier this month, Mac Webmasters got a chuckle at the security hole
>exposed in IIS using that text ::$DATA at the end of a URL for .tpl or
>.asp, etc.
>
>Cool. It reveals the code that we all thought was hidden because it was
>processed on the server. The fix was to map .tpl::$DATA to the webcat .dll.
>Simple enough. It works.
>
>BUT Macs are susceptible to this as well! And you can't, or at least I
>couldn't, map .tmpl::$DATA to webcatalog. It still reveals the WebDNA tags.
>NOT good if you are showing and hiding text based on passwords like [showif
>[password]=3294.bob]. Now it becomes simple to find the once hidden
>passwords.
>
>Anybody got any ideas?
>
>Anyone know why I can't map .tmpl::$DATA to Webcatalog on Webstar? Maybe
>the $ is the problem.
>
>Thanks, Paul
>
>Paul Uttermohlen, Internet Marketspace, Inc.
>mailto:paul@ims1.com - Website Development
>Business - Real Estate - Websites - Children

o--------------- Dave MacLeay --+
o----------- Digital Frontier --+
o--- dave@digitalfrontier.com --+
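The mechanism the thread describes, as an added example that is not code from WebCatalog, WebSTAR or IIS: a server that picks the plug-in from whatever follows the last dot of the raw request name, so "search.tmpl::$DATA" matches no handler and the template is sent unprocessed, beside a version that refuses colons in the file name. The template text, the handler table and the filesystem rule that everything after the first colon is a stream/fork selector and is dropped are constructed assumptions for the example.

```python
"""Added example (not WebCatalog, WebSTAR or IIS code): extension-keyed
handler dispatch and the ::$DATA / trailing-colon bypass from the thread."""

# Constructed sample template in the style the thread describes. The
# password literal is the thing that must never reach the client raw.
TEMPLATES = {
    "search.tmpl": "<html>[showif [password]=3294.bob]Listings[/showif]"
                   "[include header.inc]</html>",
}

# Assumed handler table: which extension is routed to which server plug-in.
HANDLERS = {".tmpl": "webcatalog", ".asp": "asp.dll"}


def handler_for(name):
    """Vulnerable lookup: keys on everything after the last dot of the raw
    request name, so 'search.tmpl::$DATA' yields '.tmpl::$DATA' -> no handler."""
    dot = name.rfind(".")
    ext = name[dot:] if dot >= 0 else ""
    return HANDLERS.get(ext)


def open_template(name):
    """Assumed filesystem behaviour: the part after the first colon selects a
    stream/fork and is dropped, so 'search.tmpl::$DATA' (and, as reported for
    the Mac server, 'search.tmpl:anything') opens search.tmpl itself."""
    return TEMPLATES.get(name.split(":", 1)[0])


def render(body):
    """Stand-in for server-side WebDNA processing: everything inside
    brackets (nested included) is consumed on the server and never sent."""
    out, depth = [], 0
    for ch in body:
        if ch == "[":
            depth += 1
        elif ch == "]" and depth:
            depth -= 1
        elif depth == 0:
            out.append(ch)
    return "".join(out)


def naive_serve(path):
    """Dispatch as the thread describes: unknown extension => send file as-is."""
    name = path.rsplit("/", 1)[-1]
    body = open_template(name)
    if body is None:
        return 404, ""
    if handler_for(name) is None:
        return 200, body            # raw source, tags and passwords included
    return 200, render(body)


def hardened_serve(path):
    """Same dispatch with two fixes: refuse any colon in the file name (no
    legitimate URL file name needs one) and never fall through to raw
    delivery for a file that lives in the template tree."""
    name = path.rsplit("/", 1)[-1]
    if ":" in name:
        return 400, ""
    body = open_template(name)
    if body is None:
        return 404, ""
    if handler_for(name) is None:
        return 403, ""
    return 200, render(body)


def leaked_suffixes(serve, path, suffixes=("::$DATA", ":anything")):
    """Probe a serve function with the suffixes from the thread and report
    which ones hand WebDNA tags to the client."""
    leaked = []
    for suffix in suffixes:
        status, body = serve(path + suffix)
        if status == 200 and "[" in body:
            leaked.append(suffix)
    return leaked


if __name__ == "__main__":
    for serve in (naive_serve, hardened_serve):
        print(serve.__name__, serve("/search.tmpl"),
              leaked_suffixes(serve, "/search.tmpl"))
```

The IIS fix Paul mentions (mapping .tpl::$DATA to the DLL) corresponds to adding one more key to HANDLERS; it closes that exact suffix only, which is why Dave's observation that any string beginning with a colon works matters. Rejecting the colon before the lookup, and refusing rather than serving raw when no handler matches, closes the whole class instead of one spelling of it.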