Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


[0day] Inktomi Search Engine Internal Server error.
.

  • Subject: [0day] Inktomi Search Engine Internal Server error.
  • From: sl0th at r00thell.ath.cx (the sl0th)
  • Date: Sun Jul 13 08:48:06 2003
.
 
Hi there,

Was playing around with Inktomi search engine (www.inktomi.com) and i came across this

http://sitesearch.inktomi.com/query.html?&charset=%3C

After some search on goole for +query.html +inctomi +powered I found a couple of more
sites just to verify.
Some of those are not vulnerable to the same type of attack, but by playing around
with options i figure this query options that work most of the time.
?col=%3C&ht=%3C&qp=%3C&qs=%3C&qc=%3C&pw=%3C&la=%3C&charset=%3C&si=0&ws=0&qm=0&ql=0&qt=%3C
?col=%3C&ht=1&qp=&qs=&qc=&pw=&la=%3C&charset=%3C&si=0&ws=0&qm=0&ql=0&qt=0

Here are some off the sites appeared to be affected.

http://www.usc.edu:8765/udf/query.html?col=%3C&ht=%3C&qp=%3C&qs=%3C&qc=%3C&pw=%3C&la=%3C&charset=%3C&si=0&ws=0&qm=0&ql=0&qt=%3C
http://search.nwfusion.com/query.html??col=%3C&ht=1&qp=&qs=&qc=&pw=&la=%3C&charset=%3C&si=0&ws=0&qm=0&ql=0&qt=0
http://search.nrel.gov/query.html?col=%3C&ht=%3C&qp=%3C&qs=%3C&qc=%3C&pw=%3C&la=%3C&charset=%3C&si=0&ws=0&qm=0&ql=0&qt=%3C
http://search.utoronto.ca:8765/uoftall/query.html?col=%3C&ht=1&qp=&qs=&qc=&pw=&la=%3C&charset=%3C&si=0&ws=0&qm=0&ql=0&qt=0
http://www.search.bham.ac.uk/query.html?col=%3C&ht=1&qp=&qs=&qc=&pw=&la=%3C&charset=%3C&si=0&ws=0&qm=0&ql=0&qt=0
http://search.spacelink.nasa.gov/query.html?col=%3C&ht=%3C&qp=%3C&qs=%3C&qc=%3C&pw=%3C&la=%3C&charset=%3C&si=0&ws=0&qm=0&ql=0&qt=%3C
http://askeric.org:8765/query.html?col=%3C&ht=1&qp=&qs=&qc=&pw=&la=%3C&charset=%3C&si=0&ws=0&qm=0&ql=0&qt=0
http://odysseus.ieee.org/query.html?col=%3C&ht=%3C&qp=%3C&qs=%3C&qc=%3C&pw=%3C&la=%3C&charset=%3C&si=0&ws=0&qm=0&ql=0&qt=%3C


---------

I did a search on SF bids and google and i couldn't find anything about this vuln so
i post it here. Also some of the sites that run inktomi does not appear to be
vulnerable, my guess is that newer versions got this fixed or as a friend suggested
since this output looks like debug output it may be that some sites forgot to disable
debuging.
Anyways since i have no knowledge of python or inktomi i leave it up to you guys.
A saved output of the error can be found at http://kizoku.ath.cx/query.html.


Cheers
./sl0th

DISCLAIMER:
Forgive my shity english :-}
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.