Re: MSIIS servers patched/de-doored, but C and D keep coming back

From: Gary Flynn (flynngnat_private)
Date: Tue Aug 14 2001 - 11:42:17 PDT

Next message: jamie rishaw: "Very thorough scan of web apps-"

Previous message: Davis, Matt: "RE: MSIIS servers patched/de-doored, but C and D keep coming back"
In reply to: K P: "Re: MSIIS servers patched/de-doored, but C and D keep coming back"
Next in thread: Krull, Chris: "RE: MSIIS servers patched/de-doored, but C and D keep coming back"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

K P wrote:
> 
> Recently Microsoft announced that there was another vulnerability discovered
> in IIS systems configured with URL redirection that would allow Code Red II
> to compromise those systems.

It will cause a denial of service. Not a compromise.

Affected systems are NT4/IIS4 with URL redirection enabled.

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/info-security/engineering/runsafe.shtml

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: jamie rishaw: "Very thorough scan of web apps-"
Previous message: Davis, Matt: "RE: MSIIS servers patched/de-doored, but C and D keep coming back"
In reply to: K P: "Re: MSIIS servers patched/de-doored, but C and D keep coming back"
Next in thread: Krull, Chris: "RE: MSIIS servers patched/de-doored, but C and D keep coming back"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Aug 14 2001 - 12:16:51 PDT