
SANS ISC: Microsoft IIS File Parsing Extension Vulnerability SANS ISC InfoSec Forums

Microsoft IIS File Parsing Extension Vulnerability

A vulnerability has been identified in Microsoft Internet Information Services (IIS) where the server is incorrectly handling files with multiple extensions separated by the ";" character, such as "malicious.asp;.jpg", as an ASP file. This could allow attackers to upload malicious executables on a vulnerable web server, bypassing file extension protections and restrictions. This vulnerability does not work with ASP.Net.

Pending an IIS security patch, some workarounds are available here.
 

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

ISC Handler
Dec 24th 2009
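The mismatch described in the diary, as an added example that is not part of the original post or of the workarounds it links to: an upload filter that checks only the last extension accepts "malicious.asp;.jpg", while a strict name policy with server-generated file names does not. The allow-list, the name pattern and all function names are assumptions made for this sketch, and `extension_before_semicolon` is a simplified model of the parsing the diary describes.

```python
import os
import re
import uuid

ALLOWED_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif"}  # assumed upload policy
# Assumed safe-name policy: one base name, exactly one dot, short extension.
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}(\.[A-Za-z0-9]{1,5})")


def last_extension(filename: str) -> str:
    """What a last-extension upload filter sees."""
    return os.path.splitext(filename)[1].lower()


def extension_before_semicolon(filename: str) -> str:
    """Simplified model of the parsing in the diary: text after ';' is ignored."""
    return os.path.splitext(filename.split(";", 1)[0])[1].lower()


def naive_is_allowed(filename: str) -> bool:
    """Filter that trusts only the last extension."""
    return last_extension(filename) in ALLOWED_EXTENSIONS


def strict_is_allowed(filename: str) -> bool:
    """Reject any name whose shape leaves room for two interpretations."""
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]  # drop client-supplied path
    match = SAFE_NAME.fullmatch(name)  # fullmatch also rejects a trailing newline
    return bool(match) and match.group(1).lower() in ALLOWED_EXTENSIONS


def stored_name(filename: str) -> str:
    """Name the file server-side so no client-chosen characters reach the disk."""
    if not strict_is_allowed(filename):
        raise ValueError("rejected upload name: %r" % filename)
    return uuid.uuid4().hex + last_extension(filename)


if __name__ == "__main__":
    # Constructed sample names; the second is the example from the diary.
    for sample in ("holiday.jpg", "malicious.asp;.jpg", "report.asp", "a.b.png"):
        print(sample, last_extension(sample), extension_before_semicolon(sample),
              naive_is_allowed(sample), strict_is_allowed(sample))
```
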
