|Title:||IIS perl.exe problem|
|Summary:||Attempts to find the location of the remote web root|
It was possible to obtain the physical location of a
virtual web directory of this host by issuing the command :
GET /scripts/no-such-file.pl HTTP/1.0
An attacker may use this flaw to gain more information about the remote
host, and hence make more focused attacks.
Solution : Use perlis.dll instead of perl.exe.
Risk factor : Low
BugTraq ID: 194|
Common Vulnerability Exposure (CVE) ID: CVE-1999-0450
Bugtraq: 19990122 Perl.exe and IIS security advisory (Google Search)
|Copyright||This script is Copyright (C) 1999 Renaud Deraison|
|This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.