Release date:
Updated on:
Affected Systems:
Microsoft IIS 7.5
Microsoft IIS 6.0
Description:
--------------------------------------------------------------------------------
Bugtraq id: 53906
Internet Information Services (IIS) is a basic Internet service provided by Microsoft based on Microsoft Windows.
Microsoft IIS 6.0 and 7.5 have Authentication Bypass and source code leakage vulnerabilities. Attackers can exploit these vulnerabilities to illegally access password-protected resources and view the source code in the server process.
<* Source: Kingdom (kingcope@gmx.net)
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Microsoft
---------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.microsoft.com/technet/security/