IIS Chunked Encoding Transfer Buffer Overflow Vulnerability
From: Rob Pope (rob.pope@vigilante-uk.com)Date: 07/09/02
- Previous message: Lucas: "RE: MS99-027 - New IIS problem?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 9 Jul 2002 14:13:10 -0000 From: Rob Pope <rob.pope@vigilante-uk.com> To: pen-test@securityfocus.com('binary' encoding is not supported, stored as-is)
Hi,
I am testing an IIS5 server at the moment and my automated vulnerability
tool reports that the server is vulnerable to the IIS Chunked Encoding
Transfer Buffer Overflow Vulnerability.
I am trying to confirm this remotely by using the proof of concept script
at http://online.securityfocus.com/bid/4485/exploit/ on iisstart.asp. I'm
getting back a HTTP/1.1 100 Continue response.
Can anyone confirm whether this is a positive response?
Many Thanks
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Lucas: "RE: MS99-027 - New IIS problem?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
