Microsoft IIS 3.0 newdsn.exe File Creation Vulnerability

info
discussion
exploit
solution
references

Microsoft IIS 3.0 newdsn.exe File Creation Vulnerability

Microsoft IIS 3.0 came with a sample program, newdsn.exe, installed by default in the directory wwwroot/scripts/tools/. Execution of this program with a properly submitted URL could allow for remote file creation. The file created is a Microsoft Access Database, but can have any extension, including .html.