[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[port139:00217] Re: IIS CGI Filename Decode Error Vulnerability

To: port139@xxxxxxxxxxxxx
Subject: [port139:00217] Re: IIS CGI Filename Decode Error Vulnerability
From: Hideaki Ihara <hideaki@xxxxxxxxxxxxx>
Date: Fri, 18 May 2001 11:57:53 +0900

$B$3$s$K$A$O!"(BPort139 $B0K86$G$9!#(B
(B
$B$A$g$C$H=PD%$J$I$K=P$F$*$j$^$7$?!#(B
(B
(BOn Wed, 16 May 2001 08:55:27 +0900
(BMasaki Sugihara <sugihara@xxxxxxxxxx> wrote:
$B!#(B
(B>$BF|K\(BMS$B$N%;%-%e%j%F%#>pJs%a!<%k$h$j$b>pJs$,Aa$/$F6C$-$G$9!#(B
(B
$B%;%-%e%j%F%#%"%s%F%J$N$*$+$2$G$9$+$M!#(B
(B
(BMS $B$N%;%-%e%j%F%#>pJs$b!"(BUS $B$,=P$F$+$i:G6a$O(B 0$BF|$J$I$G8x3+(B
$B$5$l$F$$$^$9$+$i!"$+$J$jAa$/$J$C$F$^$9$M!#(B
(B
(BJWNTUG OpenTalk $BEl5~$N%m%0$,8x3+$5$l$?$i8+$F$$$?$@$-$?$$$N(B
$B$G$9$,!"(B
(B
(B $B!&(BUS $B$N%;%-%e%j%F%#>pJs7G:\$+$iF|K\8lHG$N>pJs7G:\$^$G$N4|(B
(B   $B4V$r%G%k%?%?%$%`$H8F$V(B
(B $B!&(BMS01-026 $B$O%G%k%?%?%$%`$O(B 0 $BF|$G%j%j!<%9$5$l$F$$$k(B
(B   $B;~:9$N4X78$K$h$k:9$OB8:_$9$k(B
(B $B!&4pK\E*$KF|K\8lHG(B hotfix $B$,40@.$9$k$^$G$O1Q8lHG$N%j%j!<%9(B
(B   $B$bBT$C$F$$$k(B
(B $B!&$?$@$7!"967bJ}K!$,0lHL$K8x3+$5$l$F$$$k>l9g$K$O40@.$7$F$$(B
(B   $B$k1Q8lHG$+$i@h$K%j%j!<%9$5$l$k(B
(B
$B$H$$$&>u67$N$h$&$G$9$N$G!"$$$^$^$G;6!98@$o$l$F$$$?F|K\8lHG(B
$B$N(B hotfix $B$,CY$$$H$$$&$N$O:rG/!J%G%k%?%?%$%`$,Ls(B 1$B=54V!K$H(B
$BHf$Y$k$H$+$J$j2~A1$5$l$F$$$^$9!#(B
(B
$B$H$$$C$F$b!"(Bemail $B$NG[?.$OCY$$$3$H$,B?$$$G$9$+$i(B Web $B$r8+$?(B
$BJ}$,3NpJs8;$K$D$$$F$I$N$h$&$J$b$N$rMxMQ$5$;$F$$$k$+(B
(B>$B65$($F$$$?$@$1$^$;$s$G$7$g$&$+!#$h$m$7$/$*4j$$$$$?$7$^$9!#(B
(B
$BF|:"$O>.Eg$5$s$N%5%$%H$G$9(B ;)
(Bhttp://www.st.ryukoku.ac.jp/%7Ekjm/security/memo/
(B
$B$G$b:#=5$O99?7$,$J$$$H$$$&$3$H$G!"<+J,$G(B NTbugtraq $B$J$I8+$F(B
$B$$$^$9!#!JF|:"$+$i$A$c$s$H%A%'%C%/$9$Y$-$J$s$G$9$,(B...$B!K(B
(B
$B;d$N>l9g$K$O!"4pK\E*$K(B $B%;%-%e%j%F%#%[!<%k(B memo $B$K7G:\$5$l$F(B
$B$$$k%j%s%/$+$i$N>pJs$,http://www.port139.co.jp/
(BPGP PUBLIC KEY: http://www.port139.co.jp/pgp/

References:
- [port139:00215] Re: IIS CGI Filename Decode Error Vulnerability
  - From: Hideaki Ihara
- [port139:00216] Re: IIS CGI Filename Decode Error Vulnerability
  - From: Masaki Sugihara

Prev by Date: [port139:00216] Re: IIS CGI Filename Decode Error Vulnerability
Next by Date: [port139:00218] NT4.0+Sp6a+IIS4.0 $B$GI,MW$J(B$B=$@5%b%8%e!<%k0lMw(B [2001/05/18$BHG(B ]
Previous by thread: [port139:00216] Re: IIS CGI Filename Decode Error Vulnerability
Next by thread: [port139:00218] NT4.0+Sp6a+IIS4.0 $B$GI,MW$J(B$B=$@5%b%8%e!<%k0lMw(B [2001/05/18$BHG(B ]
Index(es):
- Date
- Thread