On Fri, 4 May 2001, Lance Newman wrote:
> does anyone know if you can solve that Microsoft IIS server security
> flaw that hackers are currently exploiting by tweaking the MS kernel? If
> you know how please let me know. Everything we got running here is
> Microsoft...
It only affects IIS 5.0 on Win2k if you're referring to the latest
problem. Removing the mapping for .printer files will fix the problem
without a reboot, but the problem could be unfixed later. Applying the
patch fixes it, but requires a reboot.
If you're just getting around to this, I'd advise subscribing to
NTBugtraq[1], as this seems to be actively exploited and it's two days old
if you're only worried about the IIS 5.0 vulnerability.
This is hardly the only IIS vulnerability currently being exploited by the
attacker community. NT 4.0 IIS servers require something like 32 patches
to become current from a base install. This is probably drifting off
topic for firewalls, so I'll shut up now.
Paul
[1] Disclaimer: My current employer owns NTBugtraq- link is on the
NTBugtraq logo at: http://www.trusecure.com/html/tspub/index.shtml
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
