Microsoft Internet Information Server 5.1 DLL Request Remote Code Execution Vulnerability

To demonstrate this issue, the following request will crash the application if issued a number of times (four requests will do the trick, according to the author):

http://www.example.xom/_vti_bin/.dll/*\~0

The following proof-of-concept exploit also demonstrates this issue by crashing the application:


 

Privacy Statement
Copyright 2010, SecurityFocus