This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Microsoft Security Bulletin July 2006-Vulnerabilities in IIS and ASP.Net

From OWASP
Revision as of 23:45, 11 July 2006 by Dinis.cruz (talk | contribs) (Research questions)

Jump to: navigation, search

Published on 11th July 2006

  • Microsoft Security Bulletin MS06-034 - Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537)
  • Microsoft Security Bulletin MS06-033 - Vulnerability in ASP.NET Could Allow Information Disclosure (917283)

I am a bit confused why MS06-034 is marked with 'Remote Code Execution' since if we follow the same logic, then MS should also release an advisory called "Asp.Net allows Remote Code Execution"


Research questions

Dinis Cruz