1&1 Windows Shared Hosting Vulnerability

Wednesday, December 10th, 2008

There is a security hole that may be affecting thousands of 1&1 customers.

The bug/hole is as follows:

On ANY Microsoft shared hosting site with 1&1, navigate to the home page, e.g. “http://www.1and1.co.uk/”.
Amend the URL to request a non-existent .asp file, with GET variables that include “;” or “%3B” (the URL-encoded version of the character),
i.e. “http://www.1and1.co.uk/qwerty.asp?;”

Obviously, replace “1and1.co.uk” with your domain name.
Hey presto, you get a listing of all files and folders in the site's root directory!

It should show a 404 error, but instead shows the directory.

Not a huge problem, but it may expose sensitive files and any non-public directories for potential hackers to probe.
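
As an added example (not part of the original post), a site owner can look for this request pattern in their own access logs: an `.asp` request whose query string contains “;” or “%3B” and that returned 200 where a 404 was expected. The sketch assumes W3C extended log format with a `#Fields` header and a caller-supplied list of scripts that really exist (`known_scripts` is a hypothetical parameter); the log lines are constructed.

```python
# Added example: flag W3C-format log entries that match the request pattern above.
# Constructed sample log (not real traffic); client IPs are documentation addresses.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2008-12-10 09:14:02 GET /index.asp - 192.0.2.10 200
2008-12-10 09:14:40 GET /qwerty.asp ; 192.0.2.44 200
2008-12-10 09:15:03 GET /qwerty.asp - 192.0.2.44 404
2008-12-10 09:15:20 GET /abc.ASP id=1%3B 192.0.2.44 200
2008-12-10 09:16:11 GET /contact.asp name=a;b 192.0.2.10 200
2008-12-10 09:17:00 GET /style.css v=1;2 192.0.2.10 200
"""

def parse_w3c(text):
    """Yield one dict per request line, named by the most recent #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed lines
                yield dict(zip(fields, values))

def suspicious_requests(text, known_scripts=()):
    """Return rows for .asp requests with ';' or '%3B' in the query that got a 200.

    known_scripts: paths of .asp files that really exist on the site; requests
    for those are skipped because a 200 is the expected answer for them.
    """
    known = {p.lower() for p in known_scripts}
    hits = []
    for row in parse_w3c(text):
        stem = row.get("cs-uri-stem", "").lower()
        query = row.get("cs-uri-query", "").lower()
        if not stem.endswith(".asp") or stem in known:
            continue
        if (";" in query or "%3b" in query) and row.get("sc-status") == "200":
            hits.append(row)
    return hits

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG, ["/index.asp", "/contact.asp"]):
        print(hit["date"], hit["time"], hit["c-ip"], hit["cs-uri-stem"], hit["cs-uri-query"])
```

Without `known_scripts`, legitimate pages that take a “;” in a parameter are flagged too, so the list of real scripts is what keeps the output to requests that should have been 404s.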