A Powerful IIS Exploit 11/1/99
Mike Hudack, Editor-in-Chief
Many people feel that the exploit being used to deface dozens of Government sites in the past week or two was written by Rain Forest Puppy of ADM. The exploit, made public some time ago on Bugtraq, is useful against most NT machines running IIS.
Unfortunately, most machines haven't had the fix implemented.
ULG has issued a temporary fix for this problem since most sites haven't implemented the lengthier fixes available from Microsoft. This fix is to be considered temporary, and should be replaced by the Microsoft fix.
The exploit opens up a prompt at the Administrator level for the intruder. From there the intruder can access any box on the network, making any changes he sees fit.
Microsoft has refused to respond to notifications of this exploit, simply not replying to e-mails from OSAll. A phone call to their PR department yielded a promise of a comment, which OSAll has yet to receive.
It would seem that, in their rampage of site defacements, Flipz and Fuqrag have either neglected to review the script in any detail or simply have little Perl and NT knowledge: the script would allow them to totally own any network running a vulnerable IIS system.