info
discussion
exploit
solution
references
Microsoft IIS 4.0/5.0 Source Fragment Disclosure Vulnerability
Solution:
Apply the vendor supplied patches. Disable HTR functionality if you do not need it.
Microsoft IIS 4.0 alpha
Microsoft Q267559
http://download.microsoft.com/download/winntsp/Patch/q267559/NT4ALPHA/ EN-US/htrdos4a.exe
Microsoft Q267559
http://download.microsoft.com/download/winntsp/Patch/q267559/NT4ALPHA/ EN-US/htrdos4as.exe
Microsoft IIS 4.0
Microsoft Q267559
http://download.microsoft.com/download/winntsp/Patch/q267559/NT4ALPHA/ EN-US/htrdos4i.exe
Microsoft Q267559
http://download.microsoft.com/download/winntsp/Patch/q267559/NT4ALPHA/ EN-US/htrdos4is.exe
Microsoft IIS 5.0
Microsoft Q267559
http://download.microsoft.com/download/win2000platform/Patch/q267559/N T5/EN-US/Q267559_W2K_SP2_x86_en.EXE
Privacy Statement
Copyright 2010, SecurityFocus
