> NSFBUGTRAQOCUS Security Advisory(SA2001-02)
>
> Topic: Microsoft IIS CGI Filename Decode Error Vulnerability
>
> Affected system:
> ================
>
> - Microsoft IIS 4.0
> - Microsoft IIS 5.0
>
> Not affected system:
> ====================
>
> - Microsoft IIS 4.0
> + Microsoft Windows NT 4 + SP6/SP6a(without any new hotfix)
FWIW, you can add Microsoft-PWS to the list of affected systems -
just confirmed on NT4 W/S SP6.
Take care,
Andrew
-
Andrew Thomas
office: +27 21 4889820
facsimile: +27 21 4889830
mobile: +27 82 7850166
"One trend that bothers me is the glorification of
stupidity, that the media is reassuring people it's
alright not to know anything. That to me is far more
dangerous than a little pornography on the Internet."
- Carl Sagan
