Comments on: IIS 0 day vulnerability in parsing files http://www.notsosecure.com/folder2/2009/12/24/iis-0-day-vulnerability-in-parsing-files/ From Pentesters To Pentesters Thu, 08 Jul 2010 02:17:27 +0100 http://wordpress.org/?v=2.8.4 hourly 1 By: Tim http://www.notsosecure.com/folder2/2009/12/24/iis-0-day-vulnerability-in-parsing-files/comment-page-1/#comment-93565 Tim Mon, 11 Jan 2010 08:45:30 +0000 http://www.notsosecure.com/folder2/?p=319#comment-93565 The problem with Sharepoint in my experience isn't that you can't get malicious code uploaded but that it has some kind of sandbox that prevents arbitrary ASPX files from being executed. The problem with Sharepoint in my experience isn’t that you can’t get malicious code uploaded but that it has some kind of sandbox that prevents arbitrary ASPX files from being executed.

]]> By: sid http://www.notsosecure.com/folder2/2009/12/24/iis-0-day-vulnerability-in-parsing-files/comment-page-1/#comment-93078 sid Tue, 29 Dec 2009 12:01:31 +0000 http://www.notsosecure.com/folder2/?p=319#comment-93078 I guess the big question is, which apps are vulnerable, the obvious one which comes to my mind is the sharepoint. Is that vulnerable? I guess the big question is, which apps are vulnerable, the obvious one which comes to my mind is the sharepoint. Is that vulnerable?

]]> By: Week 52 in Review – 2009 | Infosec Events http://www.notsosecure.com/folder2/2009/12/24/iis-0-day-vulnerability-in-parsing-files/comment-page-1/#comment-93054 Week 52 in Review – 2009 | Infosec Events Mon, 28 Dec 2009 12:50:46 +0000 http://www.notsosecure.com/folder2/?p=319#comment-93054 [...] IIS 0 day vulnerability in parsing files – notsosecure.com By using this vulnerability, an attacker can bypass protection and upload a dangerous executable file on the server. [...] [...] IIS 0 day vulnerability in parsing files – notsosecure.com By using this vulnerability, an attacker can bypass protection and upload a dangerous executable file on the server. [...]

]]> By: 1943 http://www.notsosecure.com/folder2/2009/12/24/iis-0-day-vulnerability-in-parsing-files/comment-page-1/#comment-92969 1943 Fri, 25 Dec 2009 02:57:27 +0000 http://www.notsosecure.com/folder2/?p=319#comment-92969 door.asp;-.gif door.php;-.gif door.asp;-.gif
door.php;-.gif

]]> By: Trace http://www.notsosecure.com/folder2/2009/12/24/iis-0-day-vulnerability-in-parsing-files/comment-page-1/#comment-92967 Trace Fri, 25 Dec 2009 01:48:32 +0000 http://www.notsosecure.com/folder2/?p=319#comment-92967 lol.This Vulnerability have be reported some months ago by kevin1986 from China. Original:http://www.80sec.com/microsoft-internet-infomation-server-6-isapi-filename-analytic-vulnerabilitie.html lol.This Vulnerability have be reported some months ago by kevin1986 from China.

Original:http://www.80sec.com/microsoft-internet-infomation-server-6-isapi-filename-analytic-vulnerabilitie.html

]]>