July 6, 2001

Attack program exploits new Microsoft IIS bug

Author: JT Smith

Newsbytes: "A program that gives remote attackers complete control of vulnerable computers running
Microsoft's popular Web-server software has been quietly posted online and may have
been in use for nearly two weeks.

Source code to the program, which exploits a recently discovered bug in the indexing
service (IDA) of Microsoft's Internet Information server (IIS), was posted last week on the Geocities home
page of a Japanese hacker who uses the nickname "HighSpeed Junkie." According to the code, it was
programmed on June 21."


  • Linux
Click Here!