Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Diaries by Keyword Diaries by Keyword

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

IIS BUG

2010-12-22John BambenekIIS 7.5 0-Day DoS (processing FTP requests)
2009-12-28Johannes Ullrich8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug)

IIS

2015-04-15/a>Johannes UllrichMS15-034: HTTP.sys (IIS) DoS And Possible Remote Code Execution. PATCH NOW
2010-12-22/a>John BambenekIIS 7.5 0-Day DoS (processing FTP requests)
2010-06-09/a>Deborah HaleMass Infection of IIS/ASP Sites
2009-12-29/a>Rick WannerMicrosoft responds to possible IIS 6 0-day
2009-12-28/a>Johannes Ullrich8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug)
2009-12-27/a>Patrick NolanPressure increasing for Microsoft to patch IIS 0 day
2009-12-24/a>Guy BruneauMicrosoft IIS File Parsing Extension Vulnerability
2009-09-08/a>Adrien de BeaupreMicrosoft Security Advisory 975191 Revised
2009-09-04/a>Adrien de BeaupreVulnerabilities (plural) in MS IIS FTP Service 5.0, 5.1. 6.0, 7.0
2009-05-24/a>Raul SilesIIS admins, help finding WebDAV remotely using nmap
2009-05-21/a>Adrien de BeaupreIIS admins, help finding WebDAV
2009-05-15/a>Daniel WesemannIIS6.0 WebDav Remote Auth Bypass
2009-01-12/a>William SaluskyWeb Application Firewalls (WAF) - Have you deployed WAF technology?
2008-04-18/a>John BambenekIIS Vulnerability Documented by Microsoft - Includes Workarounds

BUG

2020-09-24/a>Xavier MertensParty in Ibiza with PowerShell
2020-06-11/a>Xavier MertensAnti-Debugging JavaScript Techniques
2020-06-04/a>Xavier MertensAnti-Debugging Technique based on Memory Protection
2017-02-25/a>Guy BruneauUnpatched Microsoft Edge and IE Bug
2016-02-27/a>Guy BruneauWireshark Fixes Several Bugs and Vulnerabilities
2015-02-12/a>Johannes UllrichDid You Remove That Debug Code? Netatmo Weather Station Sending WPA Passphrase in the Clear
2014-09-19/a>Guy BruneauPHP Fixes Several Bugs in Version 5.4 and 5.5
2014-04-08/a>Guy BruneauOpenSSL CVE-2014-0160 Fixed
2013-07-28/a>Guy BruneauWireshark 1.8.9 and 1.10.1 Security Update
2013-06-22/a>Guy BruneauFacebook Reports a Potential Leak of User Data
2012-03-27/a>Guy BruneauWireshark 1.6.6 and 1.4.2 Released
2012-03-27/a>Guy BruneauOpera 11.62 for Windows patch several bugs and vulnerabilities - http://www.opera.com/docs/changelogs/windows/1162/
2010-12-22/a>John BambenekIIS 7.5 0-Day DoS (processing FTP requests)
2010-04-10/a>Andre LudwigNew bug/exploit for javaws
2010-02-26/a>Rick WannerNew version of FireBug Firefox plug-in - http://getfirebug.com/
2009-12-28/a>Johannes Ullrich8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug)
2009-10-26/a>Johannes UllrichToday: ISC Login bugfix day. If you have issues logging in using OpenID, please email a copy of your OpenID URL to jullrich\at\sans.edu
2009-08-31/a>Pedro BuenoMicrosoft IIS 5/6 FTP 0Day released
2009-07-17/a>John BambenekCross-Platform, Cross-Browser DoS Vulnerability
2008-07-11/a>Jim ClausingAnd you thought the DNS issue was an old one...