|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Translate:f summary, history and thoughts
From: Russ (Russ.Cooper
RC.ON.CA)Date: Tue Aug 15 2000 - 15:48:14 CDT
- Next message: Greg Anuzelli: "Re: local Administrator compromise at least on default Windows 2000"
- Previous message: Russ: "Re: Another Web Folder issue"
- Maybe in reply to: Daniel Docekal: "Translate:f summary, history and thoughts"
- Next in thread: Russ: "Re: Translate:f summary, history and thoughts"
- Maybe reply: Russ: "Re: Translate:f summary, history and thoughts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To be clear, there are two distinct vulnerabilities being referred to by
Daniel called "TRANSLATE:f"
1. IIS 4.0/IIS 5.0 and virtual directories residing on UNC shares, patched
by MS00-019.
2. IIS 5.0 (with or without MS00-019) patched by SP1 or MS00-058.
IIS 4.0 boxes patched with MS00-019 are not vulnerable to the issues
addressed by MS00-058 (which explains why there isn't an IIS 4.0 version of
it).
IIS 5.0 boxes patched with MS00-019 are vulnerable to the issues addressed
by MS00-058, whether or not their ASP source resides on a UNC share or not.
So, wrt MS00-058, IIS 4.0 users need do nothing (other than be sure you've
gotten all of the other patches you should have). IIS 5.0 users should apply
SP1 or the patch referred to in MS00-058.
Some IIS users have told me that even after applying the appropriate fixes
they are still vulnerable to Daniel's Translate:f tests. This is because
other security steps have not been implemented on your systems to ensure
that ASP source is not available upon request (namely incorrect permissions
on web directories or files).
Hopefully we won't be visiting this issue again in a year as another
"RDS-like" problem that nobody has remembered to fix.
Cheers,
Russ - NTBugtraq Editor
----------------------------------------------------------------------------
Delivery co-sponsored by VeriSign - The Internet Trust Company
============================================================================
Upgrade your server security to 128-bit SSL encryption!
Get VeriSign's FREE guide, "Securing Your Web Site for Business." You will
learn everything you need to know about using 128-bit SSL to encrypt your
e-commerce transactions for serious online security. Click here!
http://www.verisign.com/cgi-bin/go.cgi?a=n046607800016000
----------------------------------------------------------------------------
- Next message: Greg Anuzelli: "Re: local Administrator compromise at least on default Windows 2000"
- Previous message: Russ: "Re: Another Web Folder issue"
- Maybe in reply to: Daniel Docekal: "Translate:f summary, history and thoughts"
- Next in thread: Russ: "Re: Translate:f summary, history and thoughts"
- Maybe reply: Russ: "Re: Translate:f summary, history and thoughts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]