Vulnerability Development mailing list archives
Re: more iis-unicode questions
From: "Fleck, Michael" <Michael.Fleck () COMPAQ COM>
Date: Thu, 26 Oct 2000 09:12:25 -0500
I would put forth that the security does not stop the attack. The security only stops them half way. Should an intruder be allowed half way in? -----Original Message----- From: JRC - Techno Logic Consulting [mailto:jcribb () TLC-SA COM AR] Sent: Thursday, October 26, 2000 5:48 AM To: VULN-DEV () SECURITYFOCUS COM Subject: Re: more iis-unicode questions Yes, I was tested with several Servers and works. But, when the security rights of the files in the server was correctly configured, the security stops the atack. ----- Original Message ----- From: aliver vilereal <mailto:willey () BLUE NET> To: VULN-DEV () SECURITYFOCUS COM <mailto:VULN-DEV () SECURITYFOCUS COM> Sent: Wednesday, October 25, 2000 11:10 PM Subject: more iis-unicode questions has anyone seen the iis-unicode exploit run over https? i'm not crazy for thinking it is possible am i? i'm sorry to keep asking questions of the list, but i haven't been able to install iis and test these things, becasuse i am away from where my disk is. thanks again aliver vilereal ubermother
Current thread:
- more iis-unicode questions aliver vilereal (Oct 26)
- Re: more iis-unicode questions JRC - Techno Logic Consulting (Oct 27)
- Re: more iis-unicode questions Erik Tayler (Oct 27)
- Re: more iis-unicode questions J. J. Horner (Oct 27)
- Re: more iis-unicode questions JRC - Techno Logic Consulting (Oct 27)
- <Possible follow-ups>
- Re: more iis-unicode questions Fleck, Michael (Oct 27)
- Re: more iis-unicode questions JRC - Techno Logic Consulting (Oct 27)