[13600] in bugtraq
Re: Alert: MS IIS 4 / IS 2 (Cerberus Security Advisory
daemon@ATHENA.MIT.EDU (Mnemonix)
Fri Jan 28 15:45:23 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <018901bf69a7$8d2c0330$5802020a@cerberusinfosec.co.uk>
Date: Fri, 28 Jan 2000 15:51:32 -0000
Reply-To: Mnemonix <mnemonix@GLOBALNET.CO.UK>
From: Mnemonix <mnemonix@GLOBALNET.CO.UK>
X-To: jsoucy@internet.gouv.qc.ca, ntbugtraq@listserv.ntbugtraq.com,
BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Hi,
> I apply the patch from Microsoft and it doesnt change the problem. I test
> this after and the problem are the same
>
> *** WARNING ****
> Even if you have no .htw files on your system you're probably
> still vulnerable! A quick test to show if you are vulnerable:
> go to http://YOUR_WEB_SERVER_ADDRESS_HERE/nosuchfile.htw
> If you receive a message stating the "format of the QUERY_STRING
> is invalid" you _are_ vulnerable.
This test is to see if you're vulnerable _before_ you apply the patch. After
you install the patch you _will_still get the same message.
Cheers,
David Litchfield
http://www.cerberus-infosec.co.uk/
