[20664] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Microsoft IIS CGI Filename Decode Error Vulnerability

daemon@ATHENA.MIT.EDU (Adriano Maia)
Wed May 16 09:27:25 2001

Date: Tue, 15 May 2001 21:29:19 -0300 (BRT)
From: Adriano Maia <shooter@unsekure.com.br>
To: <bugtraq@securityfocus.com>
Message-ID: <Pine.LNX.4.33.0105152122080.4373-100000@server.unsekure.com.br>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

I won't call it an exploit. Just a vulnerability-check tool.
But nothing blocks you to use it as an exploit ;) .

http://www.unsekure.com.br/labs/jmscan-1.1.tar.gz

Currently check this vulns:

"Microsoft IIS CGI Filename Decode Error Vulnerability"
"Microsoft IIS Extended Unicode Directory Traversal Vulnerability"

It's a module-based tool, so as soon as new vulns will appear I will add
new modules.

Adriano Maia
shooter@unsekure.com.br


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[20664] in bugtraq

Microsoft IIS CGI Filename Decode Error Vulnerability

daemon@ATHENA.MIT.EDU (Adriano Maia)Wed May 16 09:27:25 2001

daemon@ATHENA.MIT.EDU (Adriano Maia)
Wed May 16 09:27:25 2001