Microsoft's IIS 6 Web-server software admits hackers to servers

May 19, 2009 - 7:11am | Fraud | News |

| More

Microsoft's IIS 6 Web-server software admits hackers to servers

It was announced that the vulnerability of Microsoft's Internet Information Services 6 Web-server software that was posted to the Full Disclosure security mailing list by a security researcher Nikolaos Rangos, was being used for online attacks.

IIS 6 users who have enabled the WebDAV (Web-based Distributed Authoring and Versioning) protocols, used to share documents via the Web were forecasted to be subject to attacks. The attackers using the vulnerability are able to view protected files on the server without authorization. Moreover, they can upload files, states Thierry Zoller, an independent security researcher.

However, Zoller had found no way to use this flaw to run unauthorized software on an IIS the vulnerability could affect other Microsoft products that use the WebDAV technology. He recommends the users to "Disable WebDAV temporarily and wait for Microsoft to patch."

It is also known that Cisco had warned administrators "to put effective mitigations into place immediately because exploit code is publicly available."

Microsoft said it was not aware of such attacks.

Subscribe to Ecommerce Journal RSS feed

Tags keywords: computer security | hacker | IIS6 | Microsoft vulnerability | system bug | WebDAV

0 points

Share this story

What are these?

Comments on Microsoft's IIS 6 Web-server software admits hackers to servers

Post new comment

Similar Articles on Ecommerce Journal by sections

Applications get less vulnerable while websites don’t, reports IBM

Does Windows 7 make any difference for users compared to Vista?

The highest level of malware infection comes to US PCs, reports Microsoft

Men are less security savvy than women

RIM, Microsoft and Apple continue losing to Google Android

PAYMENT SYSTEMS

Single bill for outlet purchases and hotel room

CheckFree lost control of its domains due to attack from Eastern Europe

PayPal suspends account of security researcher for showing its SSL vulnerability

RBS WorldPay partners with Arsenal Security Group for PCI compliance programme

CyberSource introduces new payment integration software

Are ATMs in danger?

Mobile banking to be protected by SMobile

Barclays came up with m-banking customers free security software from Kaspersky

Wells Fargo is offering safe document storage

Security applications for online banking

Beware!!! New XSS bugs of American Express

MasterCard will protect chip-based payment products with Cryptography Research

MasterCard company securing its data with PCI-GENERAL™

Share credit card transactions at own risk

Xbox LIVE Prepaid Cards'll be released by Gift Card Mall and Microsoft alliance

ECOMMERCE-CHECKED

Seraph Security Inc. starts a new life as Commerce Online Inc.

PayLeap partners with e-commerce software leader, Interspire

McAfee study: online security fears affect online shopping

SourceForge grows up - and out

Android versus Windows Phone 7 review: what really matters?

INVESTMENT INDUSTRY

Halarona assures that mutual funds for the Internet will become a reality

The scammer with three scam programs

Forex runner strategy for day traders

1dailyfunds forget this fund

FINRA wants to improve broker history service BrokerCheck

Microsoft's IIS 6 Web-server software admits hackers to servers

Microsoft investigates F1 vulnerability on old Windows versions

200 Windows applications have a security bug that is easy to exploit by hackers

Internet Explorer to be patched, no more Gmail like attacks

Windows Help helps hackers get full control of your PC

Windows Phone 7 is the worst option for companies: supports no business features

Microsoft thinks Oracle leads the world to degradation

Any Internet browser exposes your personal data: online privacy is a myth now!

A completely new Internet Explorer 9, what should we expect?

African countries have the safest Internet in the world

31 vulnerabilities patched by Microsoft

What is that should be patched at Microsoft PowerPoint?

TCP and other network flaws patched by Microsoft

Apple’s ignoring Mac security bug makes a hacker warn users

More secure “cloud computing” with Cisco

Jeremy Bonnardel: "We want ECU to be the easiest to use e-currency..."

Director of Bastion Investments Inc., Interview with Jean-Michel Lenegre

ForexNetClub: "Prosperity, success and sharing of wealth with customers..."

More questions answered: exclusive interview with Cliff Hopkins of PayPal

Junneaux Jean from Chronotimex: "...invested amount is more than $320 thousands"

After 6 years of the filing Microsoft fined $388 million for patent infringement

EU commission will consider vendors’ feedback before settling Microsoft case

$200 million charged on Microsoft to pay in fine to i4i Ltd

Microsoft is obliged to pay over $105 million for violating VirnetX patent

Microsoft gets $320,000 from Dazhong Insurance guilty in pirated software use

Affiliate with Ecommerce Journal
© 2006 eCommerce Journal, All materials copied should be followed by a back-link to http://ecommerce-journal.com/.
Ecommerce Journal - more about virtual economy|e-commerce news | articles | forex news | trading news | stocks news
| banks | payment systems | payment processors | plastic cards | e-currency exchange | investment | cyber fraud |
gambling news | poker news | casino news | betting news | news free-lance | jobs | CV | ecommerce law aspects |
economic news | trading news | e commerce interview | merchant news | e-commerce history | business news | internet news
Any violation will be reviewed as crime and will be reported to corresponding law authorities. News sitemap

Today's news in Figures

What browser is leading the market even so: Internet Explorer or Firefox?

Today's news in Payment systems

Heartland will pay $5 million to Discover: last settlement in a data breach case

PayPal is collaborating with Green Dot on special promotion

eBay further bejewels its PayPal service by discarding Google Checkout

First Data makes its card data tokenization solution public for all

Will Perfect Money allow loan operations? Obscure new options

Liberty Reserve reportedly follows e-gold’s fate with anti-money laundering

Today's news in Plastic cards

Facebook launches gift cards with loaded Credits

Today's news in Markets

Forex trends: euro strengthens on ECB interest rate announcement waiting

Buck behaves variously ahead of US economic reports & ECB interest rate decision

Forex trends: pound slips as UK house prices dropped more than expected

Forex trends:franc moves up after better-than-expected Swiss Q2 GDP data release

Metal markets: gold gains as global economic prospects remain shaky

Forex news:yen strengthens on weaker-than-expected Australian trade surplus data

Today's news in Investment industry

Sweet Earning VS Precious Fund: battle of investment projects

Today's news in Other themes

Microsoft to sell 3 licenses for Windows 7 Home Premium for just $149

Baidu will focus its mobile Internet investments on search business

Apple launches next generation operating systems: iOS 4.1 and iOS 4.2

Will Google manage to keep its workforce from evasion to Facebook?

PS3 hacking dongle is now available in the Web

Why Nokia plans to close down its Ovi Files service?

Microsoft finally puts its Windows Phone 7 into production