[BUG-CORRECTION] IISShield "Server" header costumization

From: Tiago Halm (thalm_at_NETCABO.PT)
Date: 04/17/04

  • Next message: insecure: "Office XP Update: March 23, 2004"
    Date:         Sat, 17 Apr 2004 18:05:44 +0100
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Hi all,

    A new version (v1.0.4) of IISShield was released concerning a bug correction
    regarding the parsing of the "Server" header costumization. The problem
    concerned the interpretation of the "Server" header costumization. When the
    objective was to leave the "Server" header with its default value, IISShield
    would wrongly remove the "Server" header from the HTTP Response.

    Download of the new version (v1.0.4) is available at
    http://www.kodeit.org/products/iisshield/download.htm

    If anyone finds any other problems, please feel free to report them to me or
    to the IISShield mailing list available at:
    http://groups.yahoo.com/group/IISShield/

    As always, thank you for the given support,
    Tiago Halm
    KodeIT Development Team
    http://www.kodeit.org

    <snip>
    IISShield is an IIS ISAPI Filter preventing any known and unknown attacks
    from disrupting IIS. The preventive approach of IISShield is an added value
    preventing IIS from even trying to interpret requests trying to break-in.
    With a detailed logging engine, IISShield helps IIS administrators to know
    in advance and protect IIS from known or unknown HTTP attacks that flow over
    the Internet.
    The configuration is quite detailed giving the ability to precisely decide
    over what is accepted and what is not regarding the HTTP Layer.
    RFC Compliance is just one of the core features of IISShield offering an
    assurance of quality of service to the IIS Administrator.
    Technical comparison with another well known tool with similar capabilities
    is also provided outlining the powerfull capabilities of IISShield.

     ...

    IISShield can be downloaded from
    http://www.kodeit.org/products/iisshield/download.htm
    </snip>

    -----
    Earn up to 10 credit course hours toward the TruSecure ICSA Practitioner (TICSA) Credential and receive a TICSA exam coupon by attending the Infosecurity Canada 2004 conference. Featured speaker, Marcus J. Ranum, TruSecure inventor of the proxy firewall will present on June 3 at 11:30 AM. Visit <https://ticsa.trusecure.com> for certification details and <http://www.infosecuritycanada.com> for conference information. Become TICSA certified and see what happens!
    -----


  • Next message: insecure: "Office XP Update: March 23, 2004"

    Relevant Pages