• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Internet Information Services ASP Remote Code Execution Vulnerability

Solution:
Microsoft has released a security bulletin to address this vulnerability. Please see the references for details.


Microsoft IIS 6.0

• Microsoft Security Update for Windows Server 2003 (KB942830)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=6583e798-d16d -419c-aee1-30c3e6c635b3


• Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB942830)
  http://www.microsoft.com/downloads/details.aspx?familyid=29faa70d-f1ac -4da4-b72a-faf1973cd845


• Microsoft Security Update for Windows Server 2003 x64 Edition (KB942830)
  http://www.microsoft.com/downloads/details.aspx?familyid=e8286174-8209 -409f-8805-e534715a741c


• Microsoft Security Update for Windows XP x64 Edition (KB942830)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=df9875f7-04d6 -486e-bdb5-35e9e305fa1d

Microsoft IIS 5.1

• Microsoft Security Update for Windows XP (KB942830)
  http://www.microsoft.com/downloads/details.aspx?FamilyID=2b498065-d682 -4227-b23e-d234d7d6a3fe