« Apache Pre 2.0.46 Denial of Service | Main | Site additions »

Cumulative Patch for Internet Information Service

SPI Labs and NSFocus have discovered multiple holes in IIS. Two denial of service conditions exist that can allow an attacker to cause IIS to stop responding. One Cross site scripting issue exists in the 302 redirection pages, and one buffer overflow that allows command execution as the webserver user. The buffer overflow requires the user to have upload ability, and Server Side Include permissions.

Microsoft advisory

To apply this patch run windows update and install patch "Q811114:"


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!