In my opinion this is a big deal. Forgot the RDS exploit found by Greg Gonzalez? In the past months a great deal of webpages have been defaced. A majority of them were hosted on IIS4 servers. r.f.p. wrote an exploit I think was called msadc.pl. What this exploit did was let you into a cmd /c shell. Issuing an "echo" command from this shell will enable you to do uhm.. a whole lot, including overwriting the index.htm/l file. But, a lot of lamers got their hands on this exploit, but they weren't able to locate the index file (a lot of people rewrote the exploit so that it scanned for the index file, probably using this bug http://www.microsoft.com/anything.ida).

Kristoffer Ustad
Computer Consultant (in need of job)

Vanja Hrustic wrote:

> This has been mentioned before, but it's probably good to remind
> Microsoft about some outstanding issues.
>
> Request : http://www.microsoft.com/anything.ida
> Response: The IDQ file d:\http\anything.ida could not be found.
>
> Request : http://www.microsoft.com/anything.idq
> Response: The IDQ file d:\http\anything.idq could not be found.
>
> Microsoft is running IIS5
>
> The same problem still exists on IIS4 (tested with SP5 - didn't try on
> SP6).
>
> It's not really a big deal, but they should fix it.
>
> --
>
> Vanja Hrustic
> The Relay Group
> http://relaygroup.com
> Technology Ahead of Time
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:28:01 PDT