Bugtraq mailing list archives
RE: NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error V ulnerability]
From: Adriano Dias <adias () proteus com br>
Date: Wed, 16 May 2001 12:17:19 -0300
Ya! I did that! I used the .asp file to upload and execute the nc file and to get the system permissions. If you need some instructions to do that, send it to the list. Adriano Dias Proteus Security Systems -----Original Message----- From: e-Security Chap [mailto:e-securitychap () usa net] Sent: Tuesday, May 15, 2001 10:42 PM To: Andrew Thomas; BUGTRAQ () SECURITYFOCUS COM Subject: [RE: NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error V ulnerability] hi folks, its just another expected iis bug. did anybody tried out the chance of elevating privileges. i have tried the same techniques as in the iis unicode bug, however i could not. any known ways to do that? regards ____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
Current thread:
- RE: NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error V ulnerability] Adriano Dias (May 16)