Last Updated: 2009-12-24 22:28:10 UTC
by Guy Bruneau (Version: 1)
A vulnerability has been identified in Microsoft Internet Information Services (IIS) where the server in incorrectly handling files with multiple extensions separated by the ";" character such as "malicious.asp;.jpg" as an ASP file. This could allow attackers to upload malicious executables on a vulnerable web server, bypassing file extension protections and restrictions. This vulnerability does not work with ASP.Net.
Pending an IIS security patch, some workaround are available here.
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org