Re: Fw: New vulnerability in IIS4.0/5.0

From: Renaud Deraison (deraisonat_private)
Date: Wed Sep 19 2001 - 09:48:11 PDT

  • Next message: H D Moore: "Re: Fw: New vulnerability in IIS4.0/5.0"

    On Wed, Sep 19, 2001 at 06:29:19PM +0200, Felix Huber wrote:
    > I just wrote a NASL for this Bug. Its untested but I hope it works.
    > The problem was I found no IIS where I could reproduce this error ( I testet
    > five IIS 4 and IIS 5 Boxes ).
    > I will improve it when i found a working Box ...
    
    I think it would be wiser to re-use iis_dir_traversal.nasl, which was
    heavily worked on and which does not only check for /scripts.
    
    Attached is a modified version of it (but I don't know if it works or
    not, I could not reproduce the flaw yet).
    
    
    				-- Renaud
    
    
    



    This archive was generated by hypermail 2b30 : Wed Sep 19 2001 - 09:47:48 PDT