January 1st, 2010 
Mourad Ben Lakhoua New vulnerability has been discovered by Soroush Dalili in the latest popular Microsoft web server IIS, the vulnerability allows an attacker to bypass the IIS security and execute remotely a malicious code on the system. According to the researcher the gap exist due to the web server incorrectly executing e.g. ASP code included in a [...]
Posted in News 
Tags: Microsoft IIS 0-day, News, Vulnerabilities & attacks, Vulnerability, Web Security 
No Comments » September 6th, 2009 Mourad Ben Lakhoua Microsoft announced lately that it will release five critical updates for windows, but at this time Microsoft did not provide the technical details regarding the patch list like the previous one. However Andrew Storms nCircle’s Director of Security Operations, made a statement about the possible upgrade kit composition, In particular the expert suggested that we [...]
Posted in News, Operating System, Vulnerabilities Tags: Microsoft, Microsoft IIS 0-day, patches 6 Comments » September 1st, 2009 Mourad Ben Lakhoua Proof-of-concept code was posted on Monday that can lead to gain a full control over server running Microsoft IIS. This vulnerability can be serious for webmasters but the attack can only be successful against old versions of IIS (IIS5, IIS6). The bug is particularly concern the FTP service which is an IIS component that used [...]
Posted in Vulnerabilities, Vulnerabilities & attacks, Web Security Tags: Exploit, Microsoft IIS 0-day, Milw0rm 5 Comments »
