Recent Posts

0
Comments

Safely handling untrusted XML server-side by naziml

If you didn't think that processing XML on the server side can lead to a Denial of Service, Information Disclosure or even Remote Code Execution, read on. The issues discussed here are include a class of issues that is commonly referred to as XML...
0
Comments

Is IIS vulnerable to the THC SSL DoS attack tool? by naziml

There was a recently released tool by THC that can be used to launch Denial of Service (DoS) attacks against servers hosting SSL sites. Besides the traditional bot-net Distributed Denial of Service (DDoS) class attacks, this tool lets a single client...
0
Comments

Is IIS susceptible to the Apache Range Header DoS attack? by naziml

A recent disclosure on seclists.org about a Denial of Service attack against Apache web servers has raised concerns about whether IIS web servers are affected. We will quickly talk about the issue and its impact on IIS web servers in this post. Issue...
0
Comments

World IPv6 Day and IIS 7 by naziml

Wednesday June 8 2011 is World IPv6 Day and there will be plenty of representation by IIS7 on the Windows Server side. From Microsoft we will have participation in this event by Microsoft.com , Bing.com and Xbox.com ; all of which run IIS7 web servers...
2
Comments

Use of special characters like '%' ‘.’ and ‘:’ in an IIS URL by naziml

There are multiple times that we get questions about % and other special characters in the URL and what the expected behavior is in IIS. The behavior in IIS is very deterministic when it comes to these special characters, but to explain the behavior we...
0
Comments

Security update released for FTP 7.0 and FTP 7.5 0-day by naziml

In the later half of December 2010, an FTP 7.X exploit was published on http://www.exploit-db.com/exploits/15803/ . We posted a risk assessment in a blog on the Security Research and Defense team’s blog http://blogs.technet.com/b/srd/archive/2010/12/22...
1
Comments

Security update released for ASP.NET Padding Oracle Vulnerability by naziml

Microsoft has just released security bulletin MS10-070 with security updates for the issue. The updates are currently on Microsoft Download Center, but will be available through all other channels soon. ScottGu has also blogged some FAQs on this security...
1
Comments

Update 1: ASP.NET Zero Day Vulnerability - Padding Oracle Exploit by naziml

ScottGu has posted some additional FAQs on http://weblogs.asp.net/scottgu/archive/2010/09/20/frequently-asked-questions-about-the-asp-net-security-vulnerability.aspx The Microsoft advisory has been revised with some additional content in the FAQs. http...
0
Comments

ASP.Net zero day vulnerability - Padding Oracle exploit by naziml

An ASP.Net cryptograhic zero day was publicly disclosed today. Microsoft has released an advisory to help customers understand the vulnerability and apply workarounds to secure their sites. The advisory is at http://www.microsoft.com/technet/security...
1
Comments

Fixes for several IIS issues released in September 2010 patch cycle by naziml

We just released a bulletin this September that addresses three IIS vulnerabilites. Two of these were responsibly discolsed, while one was publicly disclosed. The bulletin is on http://www.microsoft.com/technet/security/bulletin/MS10-065.mspx and contains...
4
Comments

Dynamic IP Restrictions Beta 2 released! by naziml

Yes, it has been a while since Beta was released, but Beta 2 is finally released! You can download Dynamic IP Restrictions Beta 2 from the links below. Dynamic IP Restrictions 1.0  Beta 2 – x86 Dynamic IP Restrictions 1.0 Beta 2 – x64 For more details...
1
Comments

Security fix for IIS Extended Protection released by naziml

Microsoft has just released a fix for the Extended Protection for Windows Authentication feature in IIS . The details about the issue are in security bulletin MS10-040 . Important things to note about the issue/fix: The fix is only applicable if you have...
4
Comments

Blocking SQL injection using IIS URL Rewrite by naziml

We have had quite a few conversations about SQL injection on my blog, including Filtering SQL Injection from Classic ASP and Using Rules Configuration in UrlScan 3.0 to filter SQL injection. One of the shortcomings that we talked about was that UrlScan...
1
Comments

Fixing IIS 6 issue with semi-colon by naziml

In an earlier post I talked about the semi-colon issue and since then we have published a KB article 979124 on how to configure uploads for web applications in IIS as well. To complete the story I wanted to do a quick write-up on how to go about fixing...
7
Comments

Public disclosure of IIS security issue with semi-colons in URL by naziml

IIS has been alerted to the claim of a new security issue in IIS 6 and I wanted to explain the issue and our position on it. The issue in question affects only IIS 6 (Windows Server 2003) and arises when you send a URL with a semi-colon in it. IIS 6 uses...
Tags:
More Posts Next page »
Powered by Community Server (Commercial Edition), by Telligent Systems