COMMAND

    Netscape FastTrack

SYSTEMS AFFECTED

    Win NT running FastTrack v3.01

PROBLEM

    Matthew Patton found the following.  Whereas almost every other
    robust webserver treats lowercase "get/pub/head" as illegal
    operations and spits back a nice or not so nice error, FastTrack
    provides a directory listing!!

    Most disturbingly, directory access control methods (at least
    when using .nsconfig files) are completely sidestepped:
    directories which users have no privs to see are happily listed
    to them, but apparently only 1 level deep, since the presence of
    a '/' seems to kick the server into doing the right thing.  Even
    in areas in which no control is being asserted AND despite the
    presence of index.html (or equiv), you can get a directory
    listing this way.  Example:

        get /foo

    provides a file list whereas

        get /foo/bar

    doesn't.  Attempts to fetch the files in the now exposed directory
    fail like they should, so not all is lost.
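
    Added example (not part of the original advisory): a log check
    that flags the request pattern described above.  It assumes the
    server writes Common Log Format access logs; the sample lines,
    addresses and function names are constructed for illustration.

```python
import re

# Common Log Format: host ident user [timestamp] "METHOD /path [PROTO]" status bytes
# (assumption: the server's access log uses this layout)
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[^\s"]+) (?P<path>[^\s"]+)(?: (?P<proto>[^"]*))?" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

def is_single_level(path):
    """True for /foo; the advisory reports that a further '/' stops the listing."""
    p = path.split("?", 1)[0]
    return p.startswith("/") and "/" not in p[1:]

def suspicious_requests(lines):
    """Return (host, method, path, verdict) for every non-upper-case method."""
    findings = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # unparseable line, not handled here
        method = m["method"]
        if method == method.upper():
            continue  # ordinary upper-case method token
        # A 200 on a one-level path matches the behaviour the advisory describes.
        served = m["status"] == "200" and is_single_level(m["path"])
        findings.append((m["host"], method, m["path"],
                         "listing-likely" if served else "probe"))
    return findings

# Constructed sample log lines (documentation addresses, invented timestamps).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/1999:10:00:00 -0500] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.77 - - [01/Jan/1999:10:00:05 -0500] "get /foo" 200 2310',
    '192.0.2.77 - - [01/Jan/1999:10:00:09 -0500] "get /foo/bar" 404 207',
    '192.0.2.77 - - [01/Jan/1999:10:00:12 -0500] "Head /private HTTP/1.0" 200 0',
]

if __name__ == "__main__":
    for finding in suspicious_requests(SAMPLE_LOG):
        print(*finding, sep="\t")
```

    Entries marked "listing-likely" are the ones to review first;
    "probe" entries show the same client trying the pattern without
    getting a 200 on a one-level path.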

SOLUTION

    FastTrack/Enterprise v2 don't seem to be susceptible.  The
    Enterprise v3 server that was tested also did not exhibit this
    flaw.  To solve the problem, turn off directory browsing
    completely (see Netscape KB for details) and scream till a patch
    is produced.