Vulnerability Development mailing list archives
Re: more iis-unicode questions
From: "J. J. Horner" <jhorner () 2JNETWORKS COM>
Date: Thu, 26 Oct 2000 10:33:15 -0400
What permissions stop the attack? I've seen machines that aren't vulnerable before patching, and I've seen machines with SP5 patched and still vulnerable. Any ideas? Jon On Thu, Oct 26, 2000 at 07:47:53AM -0300, JRC - Techno Logic Consulting wrote:
Yes, I was tested with several Servers and works. But, when the security rights of the files in the server was correctly configured, the security stops the atack. ----- Original Message ----- From: aliver vilereal To: VULN-DEV () SECURITYFOCUS COM Sent: Wednesday, October 25, 2000 11:10 PM Subject: more iis-unicode questions has anyone seen the iis-unicode exploit run over https? i'm not crazy for thinking it is possible am i? i'm sorry to keep asking questions of the list, but i haven't been able to install iis and test these things, becasuse i am away from where my disk is. thanks again aliver vilereal ubermother
-- J. J. Horner jjhorner () bellsouth net System has been up: 20 days.
Current thread:
- more iis-unicode questions aliver vilereal (Oct 26)
- Re: more iis-unicode questions JRC - Techno Logic Consulting (Oct 27)
- Re: more iis-unicode questions Erik Tayler (Oct 27)
- Re: more iis-unicode questions J. J. Horner (Oct 27)
- Re: more iis-unicode questions JRC - Techno Logic Consulting (Oct 27)
- <Possible follow-ups>
- Re: more iis-unicode questions Fleck, Michael (Oct 27)
- Re: more iis-unicode questions JRC - Techno Logic Consulting (Oct 27)