microsoft
-
IIS Shortname Scanner PoC
microsoft 10mo ago
-
Gamer Escape News - The Week of 05/19/13 (Audio Only Version)
microsoft 6m ago
-
Part Time Accounts Payable - North Ryde
microsoft 19m ago
-
Weekly Roundup Episode 20 "Philies finest talks about I/O"
microsoft 53m ago
-
Resident Evil Revelations - Walkthrough Part 4 (Episode 2 - Double Mystery) Jill Campaign 1080p
microsoft 1h ago
-
Microsoft - Project Online
microsoft 2h ago
-
New Xbox Reveal LIVE! With Kovic and Bruce
microsoft 2h ago
-
GS News - Xbox 720 Reveal Incoming
microsoft 3h ago
-
#XboxReveal - Nextgame
microsoft 3h ago
-
Nuevo Trailer "Gameplay" de Cod Ghosts - Black Ops 2 | Noticias #58
microsoft 3h ago
-
How to add Dates in Microsoft® Excel 2010 on a Windows® XP PC
microsoft 3h ago
-
Next Xbox - Xbox Memories Part II
microsoft 4h ago
-
Metro: Last Light - Part 5
microsoft 4h ago
-
Halo 4 HD | Mision 4 (2/2) | Infinity | Español | Let's Play / Walkthrough
microsoft 4h ago
-
Special Announcement: XBox Announcement Live Stream!
microsoft 4h ago
-
#XboxReveal - What to Expect
microsoft 5h ago
-
Xbox Event Predictions
microsoft 5h ago
-
Batman: Arkham Origins, Tearaway, PS4, FIFA, Forzavista: Speed Run
microsoft 6h ago
-
LEAK SPECS XBOX 720 TO BE MORE POWERFUL THAN PS4 MAY21ST
microsoft 6h ago
-
Xbox Music Room Trailer
microsoft 7h ago
-
New Xbox: The Day Before The Big Announcement
microsoft 7h ago
-
#HITB2013AMS D1T2 Nikita Tarakanov - Exploiting Hardcore Pool Corruptions in MS Windows Kernel
microsoft 7h ago
-
MicroNugget: Using Microsoft Project 2013
microsoft 7h ago
-
Game intro: Unreal 2: The Awakening
microsoft 8h ago
-
Kinect Sports Gems - Trailer
microsoft 8h ago
-
XBox Durango Rumor Round-Up!
microsoft 8h ago
-
Geek 2 Chic Fashion Show
microsoft 9h ago
-
Microsoft Access Excel Automation from Microsoft Access Experts
microsoft 9h ago
-
Microsoft Project Online
microsoft 9h ago
-
Tech News Today 757: Yahoo Takes a Tumblr
microsoft 9h ago
Description
Please visit SecProject.com to read the details and find the PoC code: http://soroush.secproject.com/downloadable/microsoft_iis_tilde_character_vulnerability_feature.pdf Microsoft IIS tilde character "~" Vulnerability/Feature - PoC: ------------------------------------------------------------------------------------------ Microsoft IIS tilde character "~" Vulnerability/Feature -- Short File/Folder Name Disclosure, Recoverable DoS Target: http://www.sdl.me/ Server: Microsoft-IIS/7.0 .Net Framework: Version 2 Example: java scanner 2 20 http://www.sdl.me/ -- 20 = number of threads, 2= it shows the live scan result on the screen #Title: [Microsoft IIS tilde character "~" Vulnerability/Feature -- Short File/Folder Name Disclosure, Recoverable DoS] #Date: [ - Vendor Awareness: 3 August 2010 - Vendor Response: 4 Jan 2011 Recoverable DoS issues will be addressed in a Service Pack or next version fix - Last Vendor Response Result for Tilde "~" Vulnerability: As it has already been rectified in latest versions of .Net & IIS which follow best practices, Microsoft does not have any plan to change the other versions. - Published: 29 June 2012 ] #Application Name: [Microsoft IIS, .Net Framework] #Version: [All versions of IIS except IIS 7.5 and on .Net Framework 4] #Impact: [Unknown] #Reference(s): [ - http://www.secproject.com ] #Finder: [ - Soroush Dalili (@irsdl) ] #Technical Supporter: [ - Ali Abbasnejad ]
