Microsoft IIS Virtual Directory Naming Vulnerability patch v.1

Advertisement
Advertisement

If a file on one of the affected web server products resides in a virtual directory whose name contains a legal file extension, the normal server-side processing of the file canbe bypassed. The vulnerability would manifest itself in different ways depending on the specific file type requested, the specific file extension in the virtual directory name,and the permissions that the requester has in the directory. In most cases, an error would result and the requested file would not be served. In the worse case, the source code of.ASP or other files could be sent to the browser. This vulnerability would be most likely to occur due to administrator error, or if a product generated an affected virtual directory name by default. (Front Page Server Extensions is one such product).

If a file on one of the affected web server ...

 
  • Microsoft IIS Virtual Directory Naming Vulnerability patch
  • 1
  • 5am Code
  • Windows 9X, ME, NT, 2K, 2003, XP, Vista
  • Freeware
  • 1 Kb
  • 110
  • Free
 
 

Review Microsoft IIS Virtual Directory Naming Vulnerability patch

  • captcha
 


Utilities - Other software of 5am Code

  • 2007 Microsoft Office Suite Service Pack 1  v.1.0The 2007 Microsoft Office suite Service Pack 1 delivers important customer-requested stability and performance improvements, while incorporating further enhancements to user security. This service pack also includes all of the updates released for ...
  • 2007 Office System Converter: Microsoft Filter Pack  v.1.0Will install and register IFilters with the Microsoft Windows Indexing Service.The package will install and register IFilters with the Microsoft Windows Indexing Service. These IFilters are used by Microsoft Search products to index the contents of ...


Utilities - New Utilities software

  • DoNotSpy10  v.3.0DoNotSpy10 is the world's first antispy tool for Windows 10. Its straight-forward user interface allows you to manage how Windows 10 respects their privacy. Microsoft introduces many new 'diagnostic' features with Windows 10.
  • Microsoft IIS Escape Character Parsing Vulnerability patch  v.1RFC 1738 specifies that web servers must allow hexadecimal digits to be input in URLs by preceding them with the so-called escape character, a percent sign. IIS complies with this specification, but also accepts characters after the percent sign that ...
  • Microsoft Intellipoint 32bit Driver  v.6.1IntelliPoint software enables you to customize the unique features of your Microsoft mouse to fit your needs. With IntelliPoint mouse software, you can reassign each mouse buttonincluding the wheel buttonto perform a command or keyboard shortcut, ...