Microsoft IIS and PWS Extended Unicode Directory Traversal Vulnerability

Solution:
The patch released with the advisory MS00-057 (http://www.microsoft.com/technet/security/bulletin/ms00-057.asp) eliminates this vulnerability, therefore those who have already applied this patch do not have to take any further action. Otherwise, the patch is available at the following locations:


Microsoft Personal Web Server 4.0

Microsoft IIS 4.0 alpha

Microsoft IIS 4.0

Microsoft IIS 5.0


 

Privacy Statement
Copyright 2010, SecurityFocus