Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: MSIIS servers patched/de-doored, but C and D keep coming back

From: "Davis, Matt" <matt.davis () countryfinancial com>
Date: Tue, 14 Aug 2001 13:03:03 -0500
The URL is missing a ?.  The correct one is:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutio
ns/security/tools/redthree.asp

--
Matt Davis
Intermediate Client Server Business Support Analyst
COUNTRY(SM) Insurance & Financial Services
309-821-6288
mailto:matt.davis () countryfinancial com



-----Original Message-----
From: K P [mailto:kpaske () hotmail com]
Sent: Monday, August 13, 2001 7:28 PM
To: incidents () securityfocus com
Subject: Re: MSIIS servers patched/de-doored, but C and D keep coming
back


Recently Microsoft announced that there was another 
vulnerability discovered 
in IIS systems configured with URL redirection that would 
allow Code Red II 
to compromise those systems.  They suggested that you disable the URL 
redirection until an additional patch could be released.  Check out:
http://www.microsoft.com/technet/treeview/default.aspurl=/techn
et/itsolutions/security/tools/redthree.asp 
 for more details.

-KP


_________________________________________________________________
Get your FREE download of MSN Explorer at 

http://explorer.msn.com/intl.asp


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: