Дырка в IIS (double decoding directory traversal)
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Дырка в IIS (double decoding directory traversal)
updated since 15.05.2001
Published:
16.05.2001
Source:
NTBUGTRAQ
SecurityVulns ID:
1187
Type:
remote
Level:
8
/10
Описание:
Путь к CGI-программе декодируется дважды, что позволяет обойти проверку на обратный путь в директориях.
Affected:
MICROSOFT
:
Internet Information Server 4.0
MICROSOFT
:
Internet Information Server 5.0
Original document
X-FORCE
,
ISS Alert: IIS URL Decoding Vulnerability
(
16.05.2001
)
CERT
,
Advisory CA-2001-12
(
16.05.2001
)
MICROSOFT
,
Security Bulletin MS01-026
(
15.05.2001
)
NSFOCUS
,
NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error Vulnerability
(
15.05.2001
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
