RE: NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error V ulnerability

From: Andrew Thomas (andrewat_private)
Date: Tue May 15 2001 - 04:58:55 PDT

Next message: inc: "3COM OfficeConnect DSL router vulneratibilities"

Previous message: Johann Klasek: "Re: Solaris /usr/bin/mailx exploit (SPARC)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> NSFBUGTRAQOCUS Security Advisory(SA2001-02)
> 
> Topic:  Microsoft IIS CGI Filename Decode Error Vulnerability
> 
> Affected system:
> ================
> 
>  - Microsoft IIS 4.0 
>  - Microsoft IIS 5.0 
> 
> Not affected system:
> ====================
> 
>  - Microsoft IIS 4.0 
>     + Microsoft Windows NT 4 + SP6/SP6a(without any new hotfix)

FWIW, you can add Microsoft-PWS to the list of affected systems -
just confirmed on NT4 W/S SP6.

Take care,
  Andrew
-
Andrew Thomas
office: +27 21 4889820
facsimile: +27 21 4889830
mobile: +27 82 7850166
 "One trend that bothers me is the glorification of
stupidity, that the media is reassuring people it's 
alright not to know anything. That to me is far more 
dangerous than a little pornography on the Internet." 
  - Carl Sagan

Next message: inc: "3COM OfficeConnect DSL router vulneratibilities"
Previous message: Johann Klasek: "Re: Solaris /usr/bin/mailx exploit (SPARC)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue May 15 2001 - 11:22:39 PDT