When IIS receives a user request to run a script, it renders the request in a decoded canonical form, then performs security checks on the decoded request. A vulnerability results because a second, superfluous decoding pass is performed after the initial security checks are completed. Thus, a specially crafted request could allow an attacker to execute arbitrary commands on the IIS Server.
See MS advisory MS01-026(Superseded by ms01-044) See http://www.microsoft.com/technet/security/bulletin/ms01-044.mspx
- Apache Open For Business Weak Password security check
- CoreHTTP 'src/http.c ' Buffer Overflow Vulnerability
- Microsoft Windows Media Services ISAPI Extension Code Execution Vulnerabilities
- Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability
- Microsoft IIS WebDAV Remote Authentication Bypass Vulnerability