|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Third Party Software Affected by IIS "Escape Character Parsing" V ulnerability
Subject: Third Party Software Affected by IIS "Escape Character Parsing" V ulnerability
From: Microsoft Product Security Response Team (secure
MICROSOFT.COM)
Date: Tue Dec 28 1999 - 12:27:05 CST
- Next message: Brock Tellier: "majordomo local exploit"
- Previous message: Brock Tellier: "UnixWare local pis exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi All -
A recent posting to BugTraq asked why we didn't identify specific
third-party software products that are affected by the "Escape Character
Parsing" vulnerability
(http://www.microsoft.com/Security/Bulletins/ms99-061.asp). Although we do
try to provide as much information regarding security vulnerabilities as
possible, we simply can't provide information like this without the consent
of the third-party vendors. Even if we could provide a list of third-party
products that are known to be affected by the vulnerability, it would become
obsolete almost immediately as new versions of the products are released.
The safest course of action is to apply the patch if you are running any
third-party software atop IIS. This will ensure that your system is
protected, regardless of the third-party software you're using now or in the
future. Regards,
Securemicrosoft.com
- Next message: Brock Tellier: "majordomo local exploit"
- Previous message: Brock Tellier: "UnixWare local pis exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Tue Dec 28 1999 - 17:02:41 CST