Dailydave mailing list archives

Re: MS08-006 under rated?

From: H D Moore <dailydave () digitaloffense net>
Date: Thu, 14 Feb 2008 08:39:13 -0600

You can read my first round of analysis here:
https://strikecenter.bpointsys.com/

The two questions I still have:
 * Is this exploitable out of the box with iishelp/common/500-100.asp
 * Is this exploitable through Response.Redirect()

Cheers,

-HD

On Wednesday 13 February 2008, Cesar wrote:

From http://www.microsoft.com/technet/security/Bulletin/MS08-006.mspx
"A remote code execution vulnerability exists in the way that Internet
Information Services handles input to ASP Web pages. An attacker could
exploit the vulnerability by passing malicious input to a Web site’s
ASP page. An attacker who successfully exploited this vulnerability
could then perform any actions on the IIS Server with the same rights
as the Worker Process Identity (WPI), which by default is configured
with Network Service account privileges."



_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

MS08-006 under rated? Cesar (Feb 14)
- Re: MS08-006 under rated? Nicolas RUFF (Feb 14)
- Re: MS08-006 under rated? Andrey Kolishchak (Feb 14)
- Re: MS08-006 under rated? H D Moore (Feb 14)
- <Possible follow-ups>
- Re: MS08-006 under rated? Cesar (Feb 14)
- Re: MS08-006 under rated? Cesar (Feb 14)
  - Re: MS08-006 under rated? Andrey Kolishchak (Feb 14)