[Zope] msadc exploit?

Graham Chiu gchiu@compkarori.co.nz
Tue, 13 Feb 2001 21:41:31 +1300


On Tue, 13 Feb 2001 10:33:25 +1100
 Curtis Maloney <curtis@cardgate.net> wrote:

> This is an exploit against IIS (probably 4.0) which can
> potentialy run a 
> program.  The path has to be exact, and can be foiled by
> installing IIS in a 
> non-default path (higher or deeper in the heirarchy).

Hi Curtis,

I do have IIS installed, but no services running.  In case I
forget and accidentally enable it, I have deleted the
msadcs.dll (?) that allows this exploit now.

I complained to the owner of this address range, and they
said that address was not one of theirs!

--
Graham Chiu