Microsoft IIS PHP File Parsing

2009-12-29T00:00:00
ID PACKETSTORM:84286
Type packetstorm
Reporter Pouya Server
Modified 2009-12-29T00:00:00

Description

                                        
                                            `IIS 6 0day (php)  
original exploit : http://www.securityfocus.com/bid/37460  
by: Pouya_Server  
When the upload pictures to File.php;file.jpg when, IIS will automatically parse the php format.  
  
to change the file name webshell 1.php;1.jpg Direct access to IE resloves the PHP that is the php shell into File.php;.Jpg in win2003 IIS6 environment will Automatically resolves to PHP.  
  
  
  
  
`