I through together a proxy-based testing tool for the .ida / .idq vulnerability. The PHP source will be available when I take a second look through the scripting and remove any bugs I find. Thanks much to Chris St. Clair for developing the test procedures. http://www.sec33.com/webtools/iii At this point, it wigs out if you scan a server that is not IIS, so don't! Nah.. Just the output is a little wierd sometimes - <grin> Will fix this later. Thanks. ./Kelvin ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jul 20 2001 - 12:44:46 PDT