Dailydave mailing list archives
Re: MS08-006 under rated?
From: H D Moore <dailydave () digitaloffense net>
Date: Thu, 14 Feb 2008 08:39:13 -0600
You can read my first round of analysis here:
https://strikecenter.bpointsys.com/

The two questions I still have:
* Is this exploitable out of the box with iishelp/common/500-100.asp
* Is this exploitable through Response.Redirect()

Cheers,
-HD

On Wednesday 13 February 2008, Cesar wrote:
From http://www.microsoft.com/technet/security/Bulletin/MS08-006.mspx "A remote code execution vulnerability exists in the way that Internet Information Services handles input to ASP Web pages. An attacker could exploit the vulnerability by passing malicious input to a Web site’s ASP page. An attacker who successfully exploited this vulnerability could then perform any actions on the IIS Server with the same rights as the Worker Process Identity (WPI), which by default is configured with Network Service account privileges."