Matt Power <mhpowerat_private> > > ... , will create a file called www.eEye.com.txt on the root of > >drive c. > > ... This proof of concept exploit is not to be used as a > >method of testing to see if your vulnerable or not. > > In some environments, security staff may be responsible for > identifying which IIS 5.0 servers, out of a large collection of them, > still do not have a fix in place for this vulnerability. The security > staff may not have any convenient way to check for the existence of Snip My suggestion a while back, when the IIS htr overflow first arrived, was to code up an exploit that downloads and installs the patch from a server certified (by yourself) as safe. This way you kill two birds with one stone ;-) Cheers, David Litchfield
This archive was generated by hypermail 2b30 : Thu May 03 2001 - 15:19:52 PDT