Re: New Secuity Vulnerabilities

From: xenophi1e (
Date: 06/05/03

  • Next message: Peteris Krumins: "Decision"
    Date: 4 Jun 2003 23:35:50 -0000
    ('binary' encoding is not supported, stored as-is) In-Reply-To: <>

    Had a friend with a few 2K3 servers try this. Apparently it wasn't
    present on two virgin installs w/o ISS, nor on a testing machine with IIS
    (and probably the world) installed.


    >1=2E Windows 2003 Server has a built in Command Line Interreptor (I don't
    >know if this service is enabled by defult but i've tested this on 9
    >in 7 of them it worked), which means that you can send commands to it
    >the HTTP (TCP)=20
    > method (the web browser) by trying to access the server on port 19338
    >like this:

  • Next message: Peteris Krumins: "Decision"