University Server Breach not By IIS Vulnerability
20 May 2009
According to administrators at Ball State University, hackers pounced on the gaping security hole in Microsoft's Internet Information Services (IIS) web server on Monday, making short work of the university's servers on Tuesday.
Patty Lucas, a senior help desk support admin for Ball State's Computing Services, said that as of Wednesday morning California time, iWeb accounts at the Muncie, Indiana-based school remained unreachable, and service was not expected to be restored until later this week. Microsoft employees are working alongside university administrators to restore access and rectify the breach.
Then, about seven hours after this story first surfaced, Microsoft released a statement refuting the assertions that an IIS bug was used to infiltrate the university's servers. It said that the claims university officials first aired on Tuesday were hasty and erroneous.
Part of the reason officials blamed the breach on an IIS vulnerability, however, was Microsoft's own confirmation of an "elevation of privilege vulnerability" in IIS versions 5 and 6 when running an extension known as WebDAV, which this site reported just yesterday.
Security researcher Nikolaos Rangos says the flaw is dangerous because it allows anybody with a web browser to access, list, download, and even upload files in a password-protected WebDAV folder on a susceptible machine. The flaw resides in the part of IIS that processes commands based on the WebDAV protocol.
By simply appending several Unicode characters—particularly "%c0%af"—to a web address, hackers can trick the popular web server into letting them access parts of the system that are supposed to be inaccessible to outsiders.
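For defenders reviewing request logs, the following is an added example, not code from this article or from Microsoft. It flags "%c0%af", which is an overlong two-byte UTF-8 encoding of "/", and generalizes to any overlong UTF-8 sequence in a request URI. The record layout (METHOD RAW-URI STATUS), the sample lines, and the function names are assumptions made for illustration, as is the premise that the log keeps the raw percent-encoded URI.

```python
from urllib.parse import unquote_to_bytes

def find_overlong(raw_uri):
    """Return (byte_offset, hex_bytes, decoded_char) per overlong UTF-8 sequence."""
    data = unquote_to_bytes(raw_uri)
    hits, i = [], 0
    while i < len(data):
        b = data[i]
        # n = sequence length, cp = payload bits of the lead byte,
        # low = smallest code point that legitimately needs n bytes.
        if b & 0xE0 == 0xC0:
            n, cp, low = 2, b & 0x1F, 0x80
        elif b & 0xF0 == 0xE0:
            n, cp, low = 3, b & 0x0F, 0x800
        elif b & 0xF8 == 0xF0:
            n, cp, low = 4, b & 0x07, 0x10000
        else:
            i += 1
            continue
        tail = data[i + 1:i + n]
        if len(tail) == n - 1 and all(t & 0xC0 == 0x80 for t in tail):
            for t in tail:
                cp = (cp << 6) | (t & 0x3F)
            if cp < low:  # encoded with more bytes than needed: overlong
                hits.append((i, data[i:i + n].hex(), chr(cp)))
            i += n
        else:
            i += 1
    return hits

# Constructed sample records (hypothetical layout: METHOD RAW-URI STATUS).
SAMPLE = [
    "GET /public/index.html 200",
    "PROPFIND /protected%c0%af/ 207",
    "GET /docs/caf%C3%A9.txt 200",
    "PUT /prot%c0%afected/upload.txt 201",
    "GET /protected/secret.zip 401",
]

def scan(lines):
    """Return one alert per record whose URI contains an overlong sequence."""
    alerts = []
    for num, line in enumerate(lines, 1):
        method, uri, status = line.split()
        hits = find_overlong(uri)
        if hits:
            alerts.append({"line": num, "method": method, "hits": hits,
                           "succeeded": 200 <= int(status) < 300})
    return alerts
```

Alerts with `succeeded` set deserve review first, since the server answered the request instead of rejecting it.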
In any case, Microsoft's official report on the matter clearly states that, upon investigating the Ball State University incident, the company found that the vulnerability was not used to access the server. Microsoft also says it has not received any reports of attacks that "use this vulnerability or of customer impact at this time."
This assessment from the software giant contradicts the warning that the United States Computer Emergency Response Team (US-CERT) issued, which says that Microsoft was aware of the "publicly available exploit code and active exploitation of this vulnerability."