Full Disclosure mailing list archives
IIS6 Security Issues
From: Matthew Wagenknecht <Matthew.Wagenknecht () Quantum com>
Date: Sun, 14 Sep 2003 14:40:59 -0600
I've been watching the lists for while looking for postingsof IIS6 flaws. I have only seen one to date. It was regarding IIS6 sessions and how poorly implemented they were. It also disclosed a possible attack vector on local accounts using the Admin pages. I haven't verified these yet. Has anyone heard of any other issues, problems, wierdities, etc with IIS6? Give as many details as possible. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Matt Wagenknecht CISSP | MCSE Security Administrator :::: echo oraios i syzygos kai polloi paidia :::: -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Never be afraid to try something new. Remember, amateurs built the ark; professionals built the Titanic. This email may contain confidential and privileged information for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies of this email message. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- IIS6 Security Issues Matthew Wagenknecht (Sep 14)