Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft IIS File Parsing Extension Vulnerability

Published: 2009-12-24
Last Updated: 2009-12-24 22:28:10 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

A vulnerability has been identified in Microsoft Internet Information Services (IIS) where the server in incorrectly handling files with multiple extensions separated by the ";" character such as "malicious.asp;.jpg" as an ASP file. This could allow attackers to upload malicious executables on a vulnerable web server, bypassing file extension protections and restrictions. This vulnerability does not work with ASP.Net.

Pending an IIS security patch, some workaround are available here.
 

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

0 comment(s)

F5 BIG-IP ASM and PSM Remote Buffer Overflow

Published: 2009-12-24
Last Updated: 2009-12-24 01:57:02 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

The BIG-IP Application Security Manager (ASM) and Protocol Security Manager (PSM) "bd" daemon is vulnerable to a remote buffer overflow which could be exploited by remote attackers to cause a denial of service and may cause the system to crash and dump core.


The following products affected by this issue are:

F5 BIG-IP ASM versions 9.4.4 through 9.4.7
F5 BIG-IP ASM versions 10.0.0 through 10.0.1
F5 BIG-IP PSM versions 9.4.5 through 9.4.7
F5 BIG-IP PSM versions 10.0.0 through 10.0.1

Registered users can access the advisory here.

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

0 comment(s)
Diary Archives