[WEB SECURITY] Microsoft.fr web defacement - misconfiguration or zero-day exploit?

Gaetano Zappulla gaetano at bacarospo.net
Tue Jun 20 07:34:27 EDT 2006

Hayes, Bill ha scritto:
> Was the recent Microsoft.fr web defacement aided by site
> misconfiguration or an IIS 6.0 zero-day exploit?  Any clues?


"The attacker revealed that he exploited a .net script 0day
vulnerability after discovering that expert.microsoft.fr had installed
and was running a vulnerable .net nuke script."

you can put back the defcon to 5 ;)


The Web Security Mailing List: 

The Web Security Mailing List Archives: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

More information about the websecurity mailing list