First, the solution: download the Silver Month Server tool, use Tool -> Component Downloader in it to download Isapi_rewrite, and unpack the archive.
Add the Isapi_rewrite.dll from the Isapi_rewrite directory to IIS as an ISAPI filter named Isapi_rewrite. This is the pseudo-static (URL rewriting) component; add it if it is not installed yet.
Download the vulnerability patch package, which is the item selected in the following figure, and open it.
Replace the Httpd.ini in the Isapi_rewrite directory with the Httpd.ini from the patch package.
Alternatively, make sure the Httpd.ini under Isapi_rewrite contains the two rule lines that are selected in the figure. These two rules are what block the two IIS vulnerabilities, so they must be in effect. The Httpd.ini in the Isapi_rewrite directory is a global configuration file that applies to all sites, so it protects every site from these vulnerabilities.
Now for the vulnerability itself (below). If a file name contains (.asp), then a semicolon (;), then arbitrary characters with an extension, such as (cao.asp;ca.jpg), Windows treats the file as a JPG image, but IIS runs it as ASP. IIS identifies (cao.asp;ca.jpg) as (cao.asp) and ignores everything after the semicolon. The same therefore goes for (cao.asp;jpg).
The patch package contains an image; put it under each site. Anyone who tries to exploit this vulnerability will see this image instead.
Principle: when Windows searches for multiple files, the names are separated with semicolons (;). What happens if a file name itself contains a semicolon? The system cannot find that file by searching. In the following figure the file h.asp;kk.jpg clearly exists, but Windows Search treats the name as two files, h.asp and kk.jpg, and searches for those. This is a poor design decision in Windows: a semicolon (;) should not be allowed in a file name.
Note that CDX, CER and other such extensions are also mapped to ASP, so aaa.cdx;kk.jpg will be run as ASP as well. If these mappings are not deleted, they will be exploited.
The following figure shows the ASP directory vulnerability: every file under a directory named xxxx.asp is run as an ASP file.
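To check whether a site has already received requests of either kind, the two patterns described above can be matched against the IIS access log. The following Python code is an added example, not part of the original article or of the patch package; the function names, the sample log lines and the extension list (taken from the extensions the article names) are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Extensions the article names as mapped to ASP; extend this tuple to match
# the script mappings actually configured on the server (assumption).
ASP_MAPPED = ("asp", "cdx", "cer")

def classify_path(url_path, mapped=ASP_MAPPED):
    """Return the names of the rules a request path trips (empty list = clean)."""
    path = unquote(url_path.split("?", 1)[0]).replace("\\", "/").lower()
    segments = [s for s in path.split("/") if s]
    ext = "|".join(re.escape(e) for e in mapped)
    hits = []
    # Rule 1: file name such as cao.asp;ca.jpg (mapped extension, then ';').
    if segments and re.search(rf"\.(?:{ext});", segments[-1]):
        hits.append("semicolon-filename")
    # Rule 2: a directory segment named like xxxx.asp above the requested file.
    if any(re.search(rf"\.(?:{ext})$", s) for s in segments[:-1]):
        hits.append("asp-named-directory")
    return hits

# Constructed sample in W3C extended log format (not real traffic).
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem sc-status
2010-01-05 10:00:01 GET /index.asp 200
2010-01-05 10:00:07 GET /upload/cao.asp;ca.jpg 200
2010-01-05 10:00:09 GET /upload/aaa.cdx;kk.jpg 200
2010-01-05 10:00:12 GET /img/xxxx.asp/logo.jpg 200
2010-01-05 10:00:15 GET /img/photo.jpg 200
"""

def scan_w3c_log(text):
    """Return (cs-uri-stem, rule names) for every suspicious log entry."""
    fields, findings = [], []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column names for later rows
        elif line and not line.startswith("#") and fields:
            row = dict(zip(fields, line.split()))
            hits = classify_path(row.get("cs-uri-stem", ""))
            if hits:
                findings.append((row["cs-uri-stem"], hits))
    return findings

if __name__ == "__main__":
    for stem, hits in scan_w3c_log(SAMPLE_LOG):
        print(stem, hits)
```

A request that passes extra path information after a real script (for example /default.asp/extra) also trips the directory rule, so treat hits as entries to review rather than as confirmed exploitation.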
Silver Moon Network: the Silver Month Server tool provides an IIS protection update policy.