Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Japanese hacker exploits Microsoft bug

Japanese hacker exploits Microsoft bug

by micron on July 10th, 2001 Houston, Texas, USA July 04, 2001 (News via [email protected])
A program has been released that gives total jurisdiction of computers running Microsoft’s well-known Web-server. The software was smoothly posted online and may have been in use for nearly one month.The suspected Japanese “hacker" programmer posted the full and complete source code to the program, which exploits a bug in the indexing service (IDA) of Microsoft’s Internet Information Server (IIS), was posted last week on the Geocities home page of the hacker known as AKA “HighSpeed Junkie.”




According to the code, it was created on the 21 of June. Microsoft statistics show that nearly 6 million Web sites contain a buffer overflow flaw that could enable a remote attacker to gain


total access of the server. Last Wednesday, and anonymous third party posted a link to the source code, along with instructions for going about disclosing security vulnerabilities in IIS.





The unrevealedsource also went about posting directory of an Internet mailing list devoted to MS Windows security vulnerabilities. We have to remember that exploitation is used daily. Remember with out progress there is no perfection and if their were perfection it would leave no room for progress. So you see it fits hand and hand, like the yin and the yang.


You can’t have one without the other The Microsoft’s advisory on the IDA vulnerability can be found at http://www.microsoft.com/technet/security/bulletin/MS01-033.asp


http://www.eeye.com/html/Research/Advisories/AD20010618.html


By [email protected] Reported by http://xatrix.org


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »