[Dshield] 0 Day vulnerability in IIS and IE exploited
mtombaugh at alliedcc.com
Fri Jun 25 16:45:38 GMT 2004
On Friday 25 June 2004 1:36 am, Stephane Grobety wrote:
> In the past days, an unknown group of criminals have started
> exploiting a yet to be discovered 0-day exploit in Microsoft IIS window
> to break into corporate web servers. Once in place, they add a page
> downloading a PHP file in Russia.
Any more info about how the IIS servers are getting hacked? Googling for
infections, it doesn't appear as widespread as reported, but still very
concerning. Anyone know if the infected IIS were running FP extensions?
Mark Tombaugh <mtombaugh at alliedcc.com>
Allied Computer Corporation <http://www.alliedcc.com>
USiHOST, iNC. <http://www.usihost.com>
More information about the list