Critical Vulnerability in IIS 5.0

By N-Stalker Team on March 18, 2003

IIS 5.0 gives the attacker full control of your system. Compromised systems should be removed from the network, analyzed and rebuilt with care. Worms can be written to exploit this vulnerability and patching is critically important.

According to reports by CNET, intruders are actively exploiting this vulnerability. Also, according to an article on MSNBC.com, the U.S. Army was compromised and it mentions the remote vulnerability. These articles can be found at:

First follow CERT’s advisory for patching details. This document is available from: http://www.cert.org/advisories/CA-2003-09.html.

All users should run Windows Update and Windows Automatic Updating (formerly known as Critical Notification) to be assured their systems have the latest patches and security updates. See Microsoft’s
bulletin and patch
for this security flaw.

(N-Stalker Security Force)

This entry was posted in Previous Security Advisories. Bookmark the permalink.