Loading ...
Sorry, an error occurred while loading the content.

FYI - Microsoft comments on the IIS 5.0-6.0 FTP security vulnerabilities.

Expand Messages
  • wa4zko
    Microsoft has officially responded to the recent 0-day FTP security issues on IIS 5.0, 5.1, and 6.0. They are working on patches for it. It s bad, but not as
    Message 1 of 1 , Sep 2, 2009
    • 0 Attachment
      Microsoft has officially responded to the recent 0-day FTP security issues on IIS 5.0, 5.1, and 6.0. They are working on patches for it. It's bad, but not as bad as it could be.

      http://www.microsoft.com/technet/security/advisory/975191.mspx

      Special attention to the FAQ and Mitigating Factors sections. Looks like anonymous write access is needed for successful remote exploitation by a non-authenticated user.


      73
      Jeff
      WA4ZKO
      http://twitter.com/wa4zko
    Your message has been successfully submitted and would be delivered to recipients shortly.