[WEB SECURITY] Microsoft.fr web defacement - misconfiguration or zero-day exploit?

Jeremiah Grossman jeremiah at whitehatsec.com
Mon Jun 19 19:31:26 EDT 2006


Microsoft France site hack leads to security rumors
http://www.infoworld.com/article/06/06/19/79423_HNmsfrancehit_1.html

"The defacement led to rumors that the hackers may have used a new  
undisclosed vulnerability in Internet Information Services 6.0 Web  
server, but Microsoft says a server was misconfigured "


On Jun 19, 2006, at 9:26 AM, Hayes, Bill wrote:

> Was the recent Microsoft.fr web defacement aided by site
> misconfiguration or an IIS 6.0 zero-day exploit?  Any clues?
>
> Bill...
>
> ---------------------------------------------------------------------- 
> ------
> The Web Security Mailing List
> http://www.webappsec.org/lists/websecurity/
>
> The Web Security Mailing List Archives
> http://www.webappsec.org/lists/websecurity/archive/
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>


----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]



More information about the websecurity mailing list