Home page logo
/

bugtraq logo Bugtraq mailing list archives

UNICODE2 (2708)
From: "Security COnfera" <honza.dforum () atlas cz>
Date: Wed, 16 May 2001 21:55:49 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all


I tested Microsoft IIS CGI Filename Decode Error Vulnerability
on Personal Web Server v1.0 and v3.0 on win98 and is vulnerable.

i use /scripts/..%255c..%255c

and
 %%35c , %%35%63 , %25%35%63 

Kachlik Jan


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOwJLZCBUZIferCyJEQKALwCgoPa9XX7UjbcSiWDmbjQTTvaAz2sAoJhR
ejDh3ZByrXLmd6b4j++76s6O
=7++w
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • UNICODE2 (2708) Security COnfera (May 17)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]