Slashdot Mirror

← Back to Stories (view on slashdot.org)

Eight New Security Holes in IIS

Posted by timothy on Thursday April 11, 2002 @03:26PM from the nobody's-perfect dept.

TedCheshireAcad writes: "A story at the Register asserts that MS's 'Trustworthy Computing' campaign has failed once again, with eight new IIS vulnerabilities discovered. The vulnerabilities include such delights as a buffer overflow in the ASP ISAPI filter, improper HTTP header handling, FrontPage Server Extensions problems and more goodies. Both IIS 4 and 5 are vulnerable. Thanks to eEye and @Stake for their advisories here(1) and here(2)."

2 of 46 comments (clear)

Min score:

Reason:

Sort:

Re:Why? by Anonymous Coward · 2002-04-11 15:52 · Score: 1, Funny

> I can understand if Microsoft would create a decent product, buy after hearing root hole
> after root hole, WHO WOULD WANT TO USE THIER PRODUCT?

Because the next version will fix all the problems in the current one.

Seriously. Some nitwits still believe that lie from Microsoft.

That and it will give you a handjob while you configure it. :-)
Mmmmm 8 holes... by Anonymous Coward · 2002-04-11 16:07 · Score: 1, Funny

It's an IIS gangbang!