WebApp Sec mailing list archives

RE: Problems with IIS

From: Marcelo VillalÃ³n Mendez <mvillalon () secureit cl>
Date: Wed, 14 Jul 2004 15:49:25 -0400

Hi Marcelo, i think you have to analyze the querystring of your pages, it seems to be a SQL-Inyection attack.
 
Most likely solution to his type of attack is to validate every parameter before do anything.
 
You also install URLScan to run with IIS (free MS software).
 
Good luck
Marcelo VillalÃ³n M.
 

        -----Mensaje original----- 
        De: Marcelo LeÃ£o Caffaro [mailto:leao () employer com br] 
        Enviado el: MiÃ© 14-07-2004 7:25 
        Para: webappsec () lists securityfocus com 
        CC: 
        Asunto: Problems with IIS

Current thread:

Problems with IIS Marcelo Leão Caffaro (Jul 14)
- Re: Problems with IIS Burak DAYIOGLU (Jul 14)
- Re: Problems with IIS Mark Burnett (Jul 14)
  - .NET custom Textbox control Arian J. Evans (Jul 16)
- Re: Problems with IIS Roshen Chandran (Jul 15)
- Re: Problems with IIS Roshen Chandran (Jul 15)
- RE: Problems with IIS Dinis Cruz (Jul 15)
  - RE: Problems with IIS Frank Knobbe (Jul 16)
- <Possible follow-ups>
- RE: Problems with IIS sk3tch (Jul 14)
- RE: Problems with IIS Marcelo VillalÃ³n Mendez (Jul 15)
- RE: Problems with IIS Stan Guzik (Jul 16)
- RE: Problems with IIS Dinis Cruz (Aug 11)
  - RE: Problems with IIS Andrew van der Stock (Aug 11)