Bugtraq: [BUG-CORRECTION] IISShield "Server" header costumization

["Tiago Halm" <thalm () netcabo pt>]

Hi all,

A new version (v1.0.4) of IISShield was released concerning a bug correction
regarding the parsing of the "Server" header costumization. The problem
concerned the interpretation of the "Server" header costumization. When the
objective was to leave the "Server" header with its default value, IISShield
would wrongly remove the "Server" header from the HTTP Response.

Download of the new version (v1.0.4) is available at
http://www.kodeit.org/products/iisshield/download.htm

If anyone finds any other problems, please feel free to report them to me or
to the IISShield mailing list available at:
http://groups.yahoo.com/group/IISShield/

As always, thank you for the given support,
Tiago Halm
KodeIT Development Team
http://www.kodeit.org

<snip>
IISShield is an IIS ISAPI Filter preventing any known and unknown attacks
from disrupting IIS. The preventive approach of IISShield is an added value
preventing IIS from even trying to interpret requests trying to break-in.
With a detailed logging engine, IISShield helps IIS administrators to know
in advance and protect IIS from known or unknown HTTP attacks that flow over
the Internet.
The configuration is quite detailed giving the ability to precisely decide
over what is accepted and what is not regarding the HTTP Layer.
RFC Compliance is just one of the core features of IISShield offering an
assurance of quality of service to the IIS Administrator.
Technical comparison with another well known tool with similar capabilities
is also provided outlining the powerfull capabilities of IISShield.

 ... 

IISShield can be downloaded from
http://www.kodeit.org/products/iisshield/download.htm
</snip>