Microsoft IIS ASP Handling Code Execution (MS08-006) - Ver2 (CVE-2008-0075)

Microsoft Internet Information Services IIS is a multi-featured server product that ships with all versions of Microsoft. The product provides FTP, SMTP, NNTP and HTTP services. The HTTP component, known as the WWW Publishing Service, allows for the serving of dynamic content, notably in the form...

Microsoft IIS ASP远程代码执行漏洞（MS08-006）

BUGTRAQ ID: 27676 CVECAN ID: CVE-2008-0075 Microsoft Internet信息服务（IIS）是Microsoft Windows自带的一个网络信息服务器，其中包含HTTP服务功能。 IIS处理ASP网页输入的方式存在远程代码执行漏洞，允许攻击者向网站的ASP页面传送恶意输入。成功利用这个漏洞的攻击者可以在IIS服务器上以WPI的权限（默认配置为网络服务帐号权限）执行任意操作。 Microsoft IIS 6.0 Microsoft IIS 5.1 临时解决方法： 在Windows Server 2003上禁用传统风格ASP： 1...

MS08-006: Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830)

The remote host is running a version of Windows and IIS that is vulnerable to a flaw that could allow an attacker who has the privileges to upload arbitrary ASP scripts to it to execute arbitrary code. Specifically, the remote version of IIS is vulnerable to a flaw when parsing specially crafted...