Search
Keyword: usoj_iis.alien
This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Worm arrives on a system as a file
This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Worm arrives on a system as a file
Installation This Trojan drops the following copies of itself into the affected system and executes them: %Windows%\IIS\CPUInfo.exe (Note: %Windows% is the Windows folder, where it usually is C:\Windows on all
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
CVE-2009-4444,CVE-2009-4445 Microsoft IIS is prone to a security-bypass vulnerability. This vulnerability may result in IIS interpreting unexpected files as CGI applications. Attackers may be able to
(daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability." nvd: Per: http://www.microsoft.com/technet/security/Bulletin/MS10-065.mspx
Microsoft Internet Information Services (IIS) 6.0, and Microsoft Internet Information Services (IIS) 7.0. The said vulnerabilities allow remote code execution on affected systems FTP Service on IIS 5.0, or
(daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot), aka "IIS FTP Service DoS Vulnerability." Microsoft IIS 5.0,Microsoft IIS
\Microsoft\ Windows\CurrentVersion\Setup\ Oc Manager\TemporaryData\7a0:11da580\ iis HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Updates\UpdateExeVolatile HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Updates
modify files. microsoft iis 5.0,microsoft iis 5.1,microsoft iis 6.0 Apply associated Trend Micro DPI Rules. 1003508| 1003508 - Microsoft IIS Unicode Requests To WebDAV Authentication Bypass Vulnerability
CVE-2005-2678 Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI,
on the protected\ folder, aka "IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1122. Microsoft IIS 5.0,Microsoft IIS 5.1,Microsoft IIS 6.0 Trend
\SOFTWARE\Microsoft\ Windows\CurrentVersion\Setup\ Oc Manager\TemporaryData\610:106208\ iis HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Updates\UpdateExeVolatile HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Updates
modify files. microsoft iis 5.0,microsoft iis 5.1,microsoft iis 6.0 Apply associated Trend Micro DPI Rules. 1000128| 1000128 - HTTP Protocol Decoding
LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability." Microsoft IIS 6.0,Microsoft IIS 5.0 Apply associated Trend Micro DPI Rules. 1003698
CVE-2000-0071 cve: IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. Microsoft IIS 3.0,Microsoft IIS
arbitrary code. Microsoft IIS 4.0,Microsoft IIS 5.0 Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense
CVE-2000-0457 ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr
CVE-2000-0630 IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a .htr to the URL, a variant of the "File Fragment Reading via .HTR"
CVE-2001-0004 IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F .htr" to the requested URL, which causes the files