Default configuration of Website Pro 2.0 opens security hole allowing remote attackers to upload new files and overwrite existing files. This is how www.idsoftware.com got hacked this week.
d18ec1180e4e3473f3c9ca5cac2a12363f136ffa2ba64be78adf862f98a4d655Date: Tue, 16 Feb 1999 17:45:09 -0600
From: Christian Antkow <xian@IDSOFTWARE.COM>
To: BUGTRAQ@netspace.org
Subject: Website Pro v2.0 (NT) Configuration Issues
As some of you might be aware, our website (www.idsoftware.com) was hacked
this morning using the "out-of-the-box" features of Website Pro 2.0. The
perpetrator used /cgi-dos/args.bat as well as /cgi-win/uploader.exe to
upload new files and overwrite our index.html file with a "Free Kevin"
webpage (identical to the opening page of www.2600.com).
Any admins out there running Website Pro for NT might want to double check
your security settings, and possibly remove these demo files if you don't
have an explicit need for them to exist.
Cheers,
-Xian
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed