Security Incidents mailing list archives

Re: IIS Exploit...

From: Hugo van der Kooij <hvdkooij () VANDERKOOIJ ORG>
Date: Wed, 9 May 2001 08:04:52 +0200

On Tue, 8 May 2001, Chris Hobbs wrote:

Moral of the story: I upgraded to SP6A on this NT4 box 10 days ago.
Running IIS 4.0 still. I assumed that SP's applied patches to the web
server as well as the OS - either this isn't the case, or something new
developed in those last 10 days.


Soma issues are patched. But if you check their advisories you know you
don't get them all unless you keep up by fixing them manually as they are
released.

Hugo.

--
All email send to me is bound to the rules described on my homepage.
    hvdkooij () vanderkooij org         http://hvdkooij.xs4all.nl/
            Don't meddle in the affairs of sysadmins,
            for they are subtle and quick to anger.

Current thread:

IIS Exploit... Chris Hobbs (May 08)
- Re: IIS Exploit... Hugo van der Kooij (May 08)
- Re: IIS Exploit... Bob Johnson (May 10)
- Re: IIS Exploit... Brian Caswell (May 10)
- <Possible follow-ups>
- Re: IIS Exploit... Schmidt, Mike (May 10)