Hosting Provided By

Re: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As sistence requested.

From: C-Foo <c-foo(at)cox.net>
Date: Thu Dec 19 2002 - 23:57:16 EST

Yo,

According to any NetWare 5.1 server (and this might be under previous versions as well) under the sys:perl\perl5.txt file, you can find where the perl scripts reside. You guys are attempting to hit http://address/perl/-v, the address http://address/perl/ actually resides on the NetWare box under Sys:Novonyx\suitespot\docs\perlroot\

Under that directory there is a samples directory that I would recommend get moved or deleted. It contains some sample perl scripts in there that may cause undesired results.

Here is a listing of them that you may want to try if you want to see.

http://address/perl/samples/cardsamp.plhttp://address/perl/samples/echo.plhttp://address/perl/samples/env.plhttp://address/perl/samples/guestboo.plhttp://address/perl/samples/lancgi.plhttp://address/perl/samples/ndslogin.plhttp://address/perl/samples/pizzacgi.plhttp://address/perl/samples/statcgi.plhttp://address/perl/samples/volscgi.plhttp://address/perl/samples/counter/counter.plhttp://address/perl/samples/Database/perlDbGetTables.plhttp://address/perl/samples/Database/perldbquery1.plhttp://address/perl/samples/Database/perldbquery2.plhttp://address/perl/samples/genie/genie.plhttp://address/perl/samples/today/formdate.plhttp://address/perl/samples/today/today.plhttp://address/perl/samples/veryinteresting/veryinteresting.pl

the http://address/perl/-v will not cause any harm that I have seen other than reveal to your users and to the public what OS you are running so they won't have to NMAP -sS -O your DNS name or IP. If you aren't using that directory, place some NDS Lockdown on it, you may want to test moving it or deleting it, but I don't recommend it.

Regards,

C-Foo

Do you need help?

Ralph Los wrote:

>Hey - let me re-open a thread again, if you folks don't mind. I've found a

This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ Received on Fri Dec 20 10:27:15 2002

This message: [ Message body ]
Next message: Alfred Huger: "List Shutdown (Holidays)"
Previous message: Nick Jacobsen: "command-line reverse connection tunnel?"
In reply to: Ralph Los: "Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As sistence requested."
In reply to Dawes, Rogan (ZA - Johannesburg): "RE: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 - -As sistence requested."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:31 EDT