Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

RE: NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error V ulnerability

From: Andrew Thomas <andrew () unysen com>
Date: Tue, 15 May 2001 13:58:55 +0200
NSFBUGTRAQOCUS Security Advisory(SA2001-02)

Topic:  Microsoft IIS CGI Filename Decode Error Vulnerability

Affected system:
================

 - Microsoft IIS 4.0 
 - Microsoft IIS 5.0 

Not affected system:
====================

 - Microsoft IIS 4.0 
    + Microsoft Windows NT 4 + SP6/SP6a(without any new hotfix)


FWIW, you can add Microsoft-PWS to the list of affected systems -
just confirmed on NT4 W/S SP6.

Take care,
  Andrew
-
Andrew Thomas
office: +27 21 4889820
facsimile: +27 21 4889830
mobile: +27 82 7850166
 "One trend that bothers me is the glorification of
stupidity, that the media is reassuring people it's 
alright not to know anything. That to me is far more 
dangerous than a little pornography on the Internet." 
  - Carl Sagan
Previous By Date Next
Previous By Thread Next

Current thread: