On Fckeditor2 times upload vulnerability(IIS6 semicolon parsing vulnerability)-vulnerability warning-the black bar safety net

ID MYHACK58:62200925203
Type myhack58
Reporter 佚名
Modified 2009-11-05T00:00:00


A long time ago t00ls core group discussion. Hesitate Fckeditor first upload the 1 2 3. asp;123.jpg this format do the filtering. That is, IIS6 parsing vulnerability. Upload for the first time. Be filtered for 123_asp;123.jpg so is not running. But the first 2 times to upload the same file 1 2 3. asp;1 2 3. jpg after. Due to the"123_asp;123.jpg"already exists. The file name is named as 1 2 3. asp;1 2 3(1). jpg 1 2 3. asp;1 2 3(2). jpg such a numbering.

So. IIS6 vulnerabilities continue to perform. And then through the capture. Get uploaded after the address.。

The rest see everyone flexible use. In addition fck there are a plurality of vulnerabilities not published. in. Said above the latest official version has been patch!