Security Incidents mailing list archives

Re: IIS Unicode Question


From: Critical Watch Bugtraqqer <bugtraq () CRITICALWATCH COM>
Date: Fri, 27 Oct 2000 14:37:19 -0500

Leon--
Started looking at some of the .gov sites that he has recently broken into.
Did a request for nonexistantfile.idq ... many of them have their websites
on separate drives from the system drive.  Did they move the websites after
the fact/hack? Hard to tell. Gut check? Probably not.  Therefore, the
Unicode hole would not be effective and his claim still stands that he has a
gnu hole.


Nelson Bunker, CISSP
Co-founder
Critical Watch


----- Original Message -----
From: "Leon Rosenstein" <l_rosenstein () MONTELSHOW COM>
To: <INCIDENTS () SECURITYFOCUS COM>
Sent: Thursday, October 26, 2000 8:31 AM
Subject: IIS Unicode Question


Now that this has come to the surface does anyone think that this is how
Pimpshiz was able to deface all those sites?  Has anyone been able to
examine logs from what he does and what this vulnerability does?  Just
curious.


