|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: more iis-unicode questions
From: Fleck, Michael (Michael.Fleck
COMPAQ.COM)Date: Thu Oct 26 2000 - 09:12:25 CDT
- Next message: Aj Effin ReznoR: "Re: Rumor"
- Previous message: Ryan Yagatich: "Summary of IIS 4.0/5.0 Unicode thread (end of thread?)"
- Maybe in reply to: aliver vilereal: "more iis-unicode questions"
- Maybe reply: Fleck, Michael: "Re: more iis-unicode questions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I would put forth that the security does not stop the attack.
The security only stops them half way. Should an intruder be allowed half
way in?
-----Original Message-----
From: JRC - Techno Logic Consulting [mailto:jcribbTLC-SA.COM.AR]
Sent: Thursday, October 26, 2000 5:48 AM
To: VULN-DEVSECURITYFOCUS.COM
Subject: Re: more iis-unicode questions
Yes, I was tested with several Servers and works. But, when the security
rights of the files in the server was correctly configured, the security
stops the atack.
----- Original Message -----
From: aliver vilereal <mailto:willeyBLUE.NET>
To: VULN-DEVSECURITYFOCUS.COM <mailto:VULN-DEVSECURITYFOCUS.COM>
Sent: Wednesday, October 25, 2000 11:10 PM
Subject: more iis-unicode questions
has anyone seen the iis-unicode exploit run over https? i'm not crazy for
thinking it is possible am i? i'm sorry to keep asking questions of the
list, but i haven't been able to install iis and test these things, becasuse
i am away from where my disk is.
thanks again
aliver vilereal
ubermother
- Next message: Aj Effin ReznoR: "Re: Rumor"
- Previous message: Ryan Yagatich: "Summary of IIS 4.0/5.0 Unicode thread (end of thread?)"
- Maybe in reply to: aliver vilereal: "more iis-unicode questions"
- Maybe reply: Fleck, Michael: "Re: more iis-unicode questions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]