|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
IIS 6 AUX command - is it patched?I received an inquiry by our security team today saying that a standard scan of our servers reported that one of our IIS servers (that is running IIS 6) triggered a warning of a potential vunerability: CVE-2007-2897. The text we were given for the vunerability was: --- "Microsoft Internet Information Server (IIS) is an industry-standard Web server for the Windows platform. Microsoft Internet Information Services contains a vulnerability that may allow for remote denial-of-service attacks. A specially crafted request sent to the server may render it unresponsive." --- This CVE appears to have originated in 2007, our servers are fully patched. Can anyone confirm if this vunerability has been taken care of, and if so, in what update / patch from MS? Thanks in advance! James Hi again - does anyone at MSFT have any idea about this? I am an MSDN
subscriber in need of a rapid response on this before our security team takes action. Thanks James On May 27, 3:12 pm, "James" <j DOT w AT zoom DOT co DOT uk> wrote: If you need a rapid response from Microsoft, you should contact PSS> Hi again - does anyone at MSFT have any idea about this? I am an MSDN > subscriber in need of a rapid response on this before our security team > takes action. > > Thanks > James and open a support case. //David http://w3-4u.blogspot.com http://blogs.msdn.com/David.Wang //  
Other interesting topics
How to solve Error message 401.2 in IIS 5.1?
Extende logging option in IIS 6 Certificate Options Where to put my IIS WebServer ? Help with HTTP 401.2 - Access is denied error IIS7: require LDAP authentication for restricted network access Backing up an IIS server Re: IIS7 - # of universal group memberships breaks kerberos authentica Is Exchange 2003 OWA vulnerable to Security Advisory (971492) - We IIS SSL and Sharepoint |
|||||||||||||||||||||||
