Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     
 
Keep TACKtech.com free by purchasing something from our sponsors.
Make a financial contribution
  Technical Updates @ TACKtech Corp.  

06.09.2009 - MS09-020 - Important: Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)



View Microsoft related news. Bulletin Severity Rating:Important - This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication. These vulnerabilities allow an attacker to bypass the IIS configuration that specifies which type of authentication is allowed, but not the file system-based access control list (ACL) check that verifies whether a file is accessible by a given user. Successful exploitation of these vulnerabilities would still restrict the attacker to the permissions granted to the anonymous user account by the file system ACLs.

- View Microsoft Security Bulletin MS09-020
- View Microsoft Knowledge Base Article - 970483
- Visit Microsoft Corporation

NID: 28762 / Submitted by: The Zilla of Zuron
Categories: Microsoft
Most recent Microsoft related news.
MS16-140 - Important: Security Update for Boot Manager (3193479) - Version: 1.1
MS16-130 - Critical: Security Update for Microsoft Windows (3199172) - Version: 1.1
MS16-134 - Important: Security Update for Common Log File System Driver (3193706) - Version: 1.0
MS16-141 - Critical: Security Update for Adobe Flash Player (3202790) - Version: 1.0
MS16-132 - Critical: Security Update for Microsoft Graphics Component (3199120) - Version: 1.0
View archive of Microsoft related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
........