Virtualized UNC Share Vulnerability
If a virtual directory on an Internet Information Server (IIS) computer is mapped to a Universal Naming Convention (UNC) share, and a request for a file in the directory contains one of several particular characters at the end of the request, the expected Internet Server Application Programming Interface (ISAPI) extension processing may not occur. This can result in the source code of the file being sent to the browser.
Affected Products
- Microsoft Internet Information Server 4.0 and 5.0
Solution
Software patches are available from the following locations:
- Internet Information Server 4.0
Intel: http://www.microsoft.com/downloads/release.asp?ReleaseID=18900
Alpha: http://www.microsoft.com/downloads/release.asp?ReleaseID=18901 - Internet Information Server 5.0
http://www.microsoft.com/downloads/release.asp?ReleaseID=19982
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: March 30, 2000
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
 |
 |
|
More Guides » | Registry Guide | Support Forums | Software Guide | Scripting Guide | Search |  | |
