Security Basics mailing list archives

Re: MS IIS vulnerability


From: Fabien Vincent <fabvincent () gmail com>
Date: Sat, 12 Sep 2009 11:39:18 +0200

Hello,

The first one is an RCE in the NLST command (in the PoC on milw0rm they used
shellcode from Metasploit). Most IPSes now have protection against
buffer overflows in FTP commands.

The second one is a recursive LIST (ls "-r p*/../"). This one cannot
be detected as easily as the first one (nothing illegal or
suspicious).

But for both you need:
- anonymous access or a stolen account to execute it.
- a folder in the root directory, to exploit the vulnerabilities.

Both have PoCs in the wild. They just don't work on IIS FTP 7.5 and 7.0
for the RCE.

Rgrds,

Fabien VINCENT
-------------------------------------------------------------------

On Wed, Sep 9, 2009 at 22:11, Simon Morris<mozrat () gmail com> wrote:
Hello,

What are the list's thoughts about the advisory below for IIS/FTP servers?

http://www.microsoft.com/technet/security/advisory/975191.mspx

It seems potentially serious but I haven't seen much on mailing lists I'm
subscribed to.

Thanks

~sm
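
A log-side check for the two request shapes described in the reply above, as an added example that is not part of the original thread. The length threshold, rule names and sample command lines are assumptions constructed for illustration; the listing rule matches only the pattern quoted in the reply (recursive flag plus wildcard plus "../").

```python
import re

# Assumption: NLST arguments longer than this are worth review; tune per site.
MAX_NLST_ARG = 255

# An option token such as -r, -R or -lR anywhere in the argument.
RECURSIVE_FLAG = re.compile(r"(?:^|\s)-[A-Za-z]*[rR][A-Za-z]*(?:\s|$)")


def parse_command(line):
    """Split a raw FTP control-channel line into (VERB, argument)."""
    verb, _, arg = line.rstrip("\r\n").partition(" ")
    return verb.upper(), arg.strip().strip('"')


def classify(line):
    """Return the names of the rules that a single command line triggers."""
    verb, arg = parse_command(line)
    findings = []
    if verb == "NLST":
        if len(arg) > MAX_NLST_ARG:
            findings.append("nlst-oversized-argument")
        if any(ord(c) < 0x20 or ord(c) > 0x7E for c in arg):
            findings.append("nlst-non-printable-bytes")
    if verb in ("LIST", "NLST"):
        recursive = bool(RECURSIVE_FLAG.search(arg))
        wildcard = "*" in arg or "?" in arg
        traversal = "../" in arg or "..\\" in arg
        # Each element is ordinary on its own; the combination is the signal.
        if recursive and wildcard and traversal:
            findings.append("recursive-wildcard-traversal-listing")
    return findings


def scan(lines):
    """Return (line_number, findings) for every line that triggers a rule."""
    hits = []
    for number, line in enumerate(lines, start=1):
        findings = classify(line)
        if findings:
            hits.append((number, findings))
    return hits


# Constructed sample of FTP commands as they might appear in a server log.
SAMPLE = ["USER anonymous", "NLST pub", "LIST -l reports",
          'LIST "-r p*/../"', "NLST " + "A" * 300]

if __name__ == "__main__":
    for number, findings in scan(SAMPLE):
        print(number, ", ".join(findings))
```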

