Microsoft IIS文件更改通知本地权限提升漏洞（MS08-005）

BUGTRAQ ID: 27101 CVECAN ID: CVE-2008-0074 Microsoft Internet信息服务（IIS）是Microsoft Windows自带的一个网络信息服务器，其中包含HTTP服务功能。 IIS处理FTPRoot、NNTPFile\Root和WWWRoot文件夹中文件变化通知的方式存在本地权限提升漏洞，成功利用这个漏洞的攻击者可以在本地系统安全环境中执行任意指令。 Microsoft IIS 7.0 Microsoft IIS 6.0 Microsoft IIS 5.1 Microsoft IIS 5.0 临时解决方法： 在Windows...

MS08-005: Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)

The remote host contains a version of Microsoft Internet Information Services IIS that is vulnerable to a security flaw that could allow a local user to elevate his privileges to SYSTEM due to a bug in the way IIS handles file change notifications in the FTPRoot, NNTPFile\Root and WWWRoot folders...