MS IIS FrontPage 98 Extensions Filename Obfuscation Vulnerability
BID:1108
Info
MS IIS FrontPage 98 Extensions Filename Obfuscation Vulnerability
| Bugtraq ID: | 1108 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Apr 14 2000 12:00AM |
| Updated: | Apr 14 2000 12:00AM |
| Credit: | Discovered by Alf Serer <[email protected]> and rain forest puppy <[email protected]>. Posted to Bugtraq on April 14, 2000. |
| Vulnerable: |
Microsoft InterDev 1.0 Microsoft FrontPage 98 Server Extensions for IIS |
| Not Vulnerable: |
Microsoft FrontPage 2000 |
Discussion
Exploit / POC
MS IIS FrontPage 98 Extensions Filename Obfuscation Vulnerability
rain forest puppy <[email protected]> released the following exploit:
rain forest puppy <[email protected]> released the following exploit:
Solution / Fix
MS IIS FrontPage 98 Extensions Filename Obfuscation Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
MS IIS FrontPage 98 Extensions Filename Obfuscation Vulnerability
References:
References: