It is possible to detect the short names of files and directories that have an 8.3 file naming scheme equivalent in Windows by using some vectors in several versions of Microsoft IIS. For instance, it is possible to detect all short names of ".aspx" files, as they have 4 letters in their extensions. This can be a major issue, especially for .NET websites that are vulnerable to direct URL access, as an attacker can find important files and folders that are not normally visible.
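Added example (not from the original page or the referenced paper): a Python audit sketch that lists which names in a web root would carry a generated 8.3 alias, which is why every ".aspx" file is affected. The function names, the constructed sample file list, and the simplified alias rule (first six characters plus `~N`; hash-based aliases after the fourth collision are not modelled) are assumptions.

```python
import re

# Characters that are not legal in an 8.3 name and are replaced when the alias is built.
_ILLEGAL = re.compile(r"[+,;=\[\]]")


def _split(name):
    """Split on the last dot; a name without a dot has an empty extension."""
    base, dot, ext = name.rpartition(".")
    return (base, ext) if dot else (name, "")


def needs_short_name(name):
    """True when the name does not already fit 8.3, so a separate alias is stored."""
    base, ext = _split(name)
    return (len(base) > 8 or len(ext) > 3 or "." in base
            or " " in name or bool(_ILLEGAL.search(name)))


def approx_short_name(name, index=1):
    """Approximate alias: first 6 chars of the base, ~index, first 3 chars of the extension."""
    base, ext = _split(name)

    def clean(part):
        return _ILLEGAL.sub("_", part.replace(" ", "").replace(".", "")).upper()

    alias = f"{clean(base)[:6]}~{index}"
    return f"{alias}.{clean(ext)[:3]}" if ext else alias


def audit(names):
    """Map each long name that carries an alias to its likely short name.

    Assumption: list order stands in for creation order when numbering collisions.
    """
    counts, report = {}, {}
    for name in names:
        if not needs_short_name(name):
            continue
        key = approx_short_name(name)
        counts[key] = counts.get(key, 0) + 1
        n = counts[key]
        report[name] = approx_short_name(name, n) if n <= 4 else "<hash-based alias>"
    return report


# Constructed sample listing of a web root (not taken from any real site).
SAMPLE = ["Default.aspx", "web.config", "index.htm",
          "backup_2019.zip", "backup_2020.zip", "AdminConsole"]

if __name__ == "__main__":
    for long_name, short in audit(SAMPLE).items():
        print(f"{long_name:20} -> {short}")
```

Names that appear in the report are the ones whose existence can be inferred through their short form, so they are the ones to review for sensitivity or move out of the web root.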
- Consult the "Prevention Technique(s)" section from Soroush Dalili's paper on this subject. A link to this paper is listed in the Web references section below.