About Us Services Solutions Blog

IIS 5/6 exploit

Recent exploit published for IIS 5.0/6.0 shows that even when you think you fixed/patched all the bugs, there's a huge one (ie. remote root exploit) hiding in there for a while.

--> "The vulnerability appears to be triggered only in limited circumstances, specifically when IIS is set to enable the file transfer protocol and there is a writable folder. While that suggests the majority of IIS installations aren't vulnerable, the universe of affected systems is still big enough to give the security conscious pause."

Perhaps it's time to upgrade and lockdown :)

Comments

New Comment

Author

Email

Url

Content

Back

exploit   vulnerability   password   xss   sql_injection   social_engineering   hack   attack   wire_tapping   sniffing   malware   encryption   compliance_legal   security