Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
Spyware Doctor Enterprise
Help me choose
File Access Vulnerability in Personal Web Server
A vulnerability exists in certain versions of Personal Web Server running under Windows® 95 or Windows 98, which could allow files on the server to be read by an unauthorized user who knew the name of the file and requested it via a specific non-standard URL.
Issue
This vulnerability allows a file request that uses a non-standard URL to bypass the server's normal file access controls. The file must be specifically requested by name, so the requester would need to know the name of the file or correctly guess it. The vulnerability would allow files on the server to be read, but not changed or deleted, and would not allow new files to be written to the server. The vulnerability does not allow any administrative privileges on the server.
Affected Products
- Microsoft Personal Web Server and FrontPage Personal Web Server on Windows 95 or 98
Download
Patch: http://support.microsoft.com/download/support/mslfiles/Pwssecup.exe
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: March 26, 1999
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
