Re: Webserver file request parsing

[John <johns () TAMPABAY RR COM>]

I think NSFOCUS, could sum up your questions better
than I could and they included the details in their
advisory ;) The advisory can be obtained below.

http://www.nsfocus.com/english/homepage/sa_07.htm

Wendel wrote:
> Hi,
>
> Thkz fpr help me!! :)
> I had read it bolletin... :)
> But i want informations about...how to can i exploit it ....!! :)
> Do you know ??
> thkz for all
> [ ]'s
>
> -----Mensagem original-----
> De: John <johns () tampabay rr com>
> Para: sekure <sekure () hadrion com br>
> Cc: VULN-DEV () SECURITYFOCUS COM <VULN-DEV () SECURITYFOCUS COM>
> Data: Quarta-feira, 14 de Marco de 2001 0:54
> Assunto: Re: Webserver file request parsing
>
> > I think you are referring to the Microsoft Security
> > Bulletin (MS00-086). It is located at the below url.
> >
> > http://www.microsoft.com/technet/security/bulletin/MS00-086.asp
> >
> > sekure wrote:
> > > Hi all,
> > > i recive by mail..."a information about a new vulnerability to IIS" that
> can
> > > allow a malicious user to execute arbitraty commands. The name of vuln
> is:
> > > Webserver file request parsing
> > > Somebody know anythink more ?? How to it work ? How to exploit ? How are
> > > affected ?
> > >
> > > Thkz for all
> > > [ ]'s
> > > Best Regards,
> >
> > --
> > The events which transpired five thousand years ago;
> > Five years ago or five minutes ago, have determined
> > what will happen five minutes from now; five years
> > > From now or five thousand years from now.
> > All history is a current event."
> >
> > - Dr John Henrik Clake -

--
The events which transpired five thousand years ago;
Five years ago or five minutes ago, have determined
what will happen five minutes from now; five years
> From now or five thousand years from now.
All history is a current event."

- Dr John Henrik Clake -