Alnini.comEnterprise Computing » Corporate Security » IIS5 File-Fragment Reading via Malformed HTR Request Vulnerability Patch
  

IIS5 File-Fragment Reading via Malformed HTR Request Vulnerability Patch (MS01-004)


This vulnerability involves a new variant of the 'File Fragment Reading via .HTR' vulnerability, previous variants of which were discussed in Microsoft Security Bulletins MS00-031 and MS00-044. Like the original variants, this one could enable an attacker to request a file in a way that would cause it to be processed by the HTR ISAPI extension. The result of doing this is that fragments of server-side files, such as ASP files, could potentially be sent to the attacker.

Customers who have previously disabled the HTR functionality would not be affected by this vulnerability. Microsoft recommends that all customers who haven?t already disabled HTR do so, unless there is a business-critical reason for keeping it. For the latter group of customers, this patch will eliminate this vulnerability.

Publisher:

File size:

135KB

Date added:

12/03/2001

Licence:

Free

Requirements:

Windows 2000

Un/Install:

No

Downloads:

1,554

Download Now!

See Also

VisualLookout 5.0g

Monitor and record activity on your network.

ZoneAlarm Pro 5.1.011

Apply comprehensive and customizable security to your Internet connection.

PacketAlarm 4.0

Establish a barrier against attacks and unauthorized access to your network.

Partners
• 

RSS | FAQ |

Links | Maestro

Copyright © 2004-2023 Alnini, Inc. All Rights Reserved. Privacy Policy | Terms of UseGeneration time: 0.02 | SQL queries: 8