Bugtraq mailing list archives
FW: Translate:f summary, history and thoughts
From: Russ <Russ.Cooper () RC ON CA>
Date: Tue, 15 Aug 2000 20:42:02 -0400
-----Original Message----- From: Russ [mailto:Russ.Cooper () RC ON CA] Sent: Tuesday, August 15, 2000 4:48 PM To: NTBUGTRAQ () LISTSERV NTBUGTRAQ COM Subject: Re: Translate:f summary, history and thoughts To be clear, there are two distinct vulnerabilities being referred to by Daniel called "TRANSLATE:f" 1. IIS 4.0/IIS 5.0 and virtual directories residing on UNC shares, patched by MS00-019. 2. IIS 5.0 (with or without MS00-019) patched by SP1 or MS00-058. IIS 4.0 boxes patched with MS00-019 are not vulnerable to the issues addressed by MS00-058 (which explains why there isn't an IIS 4.0 version of it). IIS 5.0 boxes patched with MS00-019 are vulnerable to the issues addressed by MS00-058, whether or not their ASP source resides on a UNC share or not. So, wrt MS00-058, IIS 4.0 users need do nothing (other than be sure you've gotten all of the other patches you should have). IIS 5.0 users should apply SP1 or the patch referred to in MS00-058. Some IIS users have told me that even after applying the appropriate fixes they are still vulnerable to Daniel's Translate:f tests. This is because other security steps have not been implemented on your systems to ensure that ASP source is not available upon request (namely incorrect permissions on web directories or files). Hopefully we won't be visiting this issue again in a year as another "RDS-like" problem that nobody has remembered to fix. Cheers, Russ - NTBugtraq Editor
Current thread:
- Translate:f summary, history and thoughts Daniel Dočekal (Aug 16)
- <Possible follow-ups>
- FW: Translate:f summary, history and thoughts Russ (Aug 16)