Hosting Provided By

WebInspect

From: Indian Tiger <indiantiger(at)mailandnews.com>
Date: Sun Jan 19 2003 - 10:38:25 EST

Hi,

I was using WebInspect and found Web DAV Support enabled. It's execution part suggests following to exploit:

Issue the following request to the server: PROPFIND / HTTP/1.0
Host:
Content-Length: 0
I can't understood, how to use these commands to exploit this vulnerability.

IIS was not showing any log after running WebInspect. I think the directory for this is c:\winnt\system32\logfiles

Sincerely,

Balwant Rathore, CISSP

Do you know the base address of the Global Offset Table (GOT) on a Solaris 8 box?
CORE IMPACT does.
www.securityfocus.com/core Received on Wed Feb 19 16:56:04 2003

This message: [ Message body ]
Next message: Jeremy Junginger: "NetMeeting and H.323"
Previous message: Maarten: "php and netcat?"
Next in thread: David Litchfield: "Re: WebInspect"
Reply: David Litchfield: "Re: WebInspect"
Reply: Kevin Spett: "Re: WebInspect"
Reply: Dave McCormick: "Re: WebInspect"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:33 EDT