On Fri, 31 Jan 2003 [EMAIL PROTECTED] wrote: > Can you tell me if ther is a flaw in the nasl code or if the IIS server is > really vulnerable to the chuncked encoding flaw ?
Afaik, the Apache chunked-encoding vuln was preceded by a similar IIS vuln (but I think that IIS vuln did not affect the IIS core, "just" one of those enable-them-all-by-default ISAPI modules). Is the result (IIS being reported is vulnerable) repeatable? --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
