fetamin's homepage (index)
about me (description)
projects (c)
news (from my life)
board (diskusne forum)
links (my best)



news - kecy


Sambar server Exploit (1) 
PRODUCT
-------
The Sambar Server is a multi-threaded HTTP, FTP and
Proxy server for Windows NT and Windows 95.


AFFECTED VERSIONS
-----------------
All version of Sambar server running under Windows NT 4.0 and
Windows 2000. Windows 98 version is vulnerable.


VULNERABILITY DESCRIPTION
-------------------------
The default installation of Sambar server, put into server's
/CGI-BIN/ directory two .BAT files - ECHO.BAT and HELLO.BAT.
These are simple files with just one "echo" command in them.
However under Windows NT these files can cause a lot of trouble.
The problem IMHO lays in CMD.EXE, the example follows:

http://yourdomain/cgi-bin/hello.bat?&dir+c:\

You'll see a nice listing of your C: drive :-))
Sambar server runs with Administrator privileges under NT so
even if you use NTFS, you still will be affected.


SOLUTION
--------
Delete any .BAT files in /CGI-BIN/ directory of your Sambar server.


CREDIT
------
This bug was discovered by Georich Chorbadzhiyski and Nikolay Tsvetkov.


Vyjadri sa na boarde