Microsoft Multiple IIS 6.0 Web Admin Vulnerabilities

info
discussion
exploit
solution
references

Microsoft Multiple IIS 6.0 Web Admin Vulnerabilities

Multiple vulnerabilities have been reported in the web admin interface that is included in Microsoft IIS 6.0. This includes multiple instances of cross-site scripting vulnerabilities. Additionally, it is reported that the web admin interface could expose valid session IDs or permit unauthorized access to areas that do not require session IDs.