VULHUB ™

Microsoft Security Bulletin (MS00-044) - Microsoft has released a patch for two security vulnerabilities in Microsoft Internet Information Server. The "Absent Directory Browser Argument" vulnerability allows a malicious user to stop the web server from providing useful service. A new way to exploit the "File Fragment Reading via .HTR" vulnerability has been found which does not strip out most of the useful parts of the ASP source which it allows remote users to view. Microsoft FAQ on this issue available here.

Microsoft Security Bulletin (MS00-044) - Microsoft has released a patch for two security vulnerabilities in Microsoft Internet Information Server. The "Absent Directory Browser Argument" vulnerability allows a malicious user to stop the web server from providing useful service. A new way to exploit the "File Fragment Reading via .HTR" vulnerability has been found which does not strip out most of the useful parts of the ASP source which it allows remote users to view. Microsoft FAQ on this issue available here.