Remote 'Root' Exploit in IIS 5.0
eEye Digital Security was doing some testing that apparently Microsoft hadn't done on its own webserver (IIS 5.0) running on its latest OS (Windows 2000, all versions). "Within a matter of minutes," they say, "a debugger kicked in on inetinfo.exe because of a 'buffer overflow error'" -- and two weeks later, we got simultaneous announcements from Microsoft and eEye. This is a remote SYSTEM-level exploit in a popular webserver, in the wild, i.e., Danger Will Robinson. eEye says about a million servers will need to be patched; it may be more.

Go see Microsoft's writeup and patch. See also eEye's droll and informative writeup, which, now that an exploit is confirmed to be in the wild today, has added some source code.