Posted by DiKKy Heartiez on Jun 23
Goatse Security researchers have discovered a new vulnerability spreading in Microsoft's IIS products.
SynopsisBy using specially crafted URLs (uniform resource locators), an attacker can run commands and arbitrary code on
a remote machine.
ExploitBy using the unicode equivalent of the "/" character (%c0%af) in a URL (or double-encoding part of the "../"
string), directory traversal outside the document root is…