DOSSING IIS 4 or IIS5 fully patched using GET /%0%0 HTTP/1.0

NtWaK0, SecurHack. Labs Security Advisory 1-13-2001 DOSSING IIS 4 or IIS5 fully patched using GET /00 HTTP/1.0 oooooooooooooooooo Vulnerable Systems oooooooooooooooooo IIS 4 and IIS 5 even if fully patched. oooooooo Synopsis oooooooo While playing with miner in retina I sent this GET /00 HTTP/1.0...

iis-unicode.txt

Recently I received an email from Par Osterberg that directed my attention to a post in the Packetstorm forums: http://209.143.242.119/cgi-bin/cbmc/forums.cgi?authkey=anonymous&uname=anonymous&datopic=Windows&mesgcheck=defined&gum=474&editoron= An anonymous person posts that they can run arbitrar...