Microsoft IIS Various Domain User Account Access Vulnerability
SecurityFocus.com has sent us a "heads-up" regarding a flaw in Microsoft IIS' handling of FTP domain authentication. It seems that a user attempting to authenticate using a valid login name appended with specially chosen characters is not required to specify the domain which the account belongs. "The FTP service will instead search the domain and all trusted domains for the user account. Once the account is located, the user will have to complete the authentication process. At this point brute force attacks can be used in an attempt to gain access to the domain."
Microsoft IIS Various Domain User Account Access Vulnerability
Latest ColdFusion Jobs (CF-Jobs)
- Coldfusion Web Developer - Natick, MA
- Need Remote LAMP or WIMP or ColdFusion Work
- ColdFusion Developers/Arlington, Virginia/Direct
- ColdFusion MX Developers Needed in NYC!
- Seasoned ColdFusion Developer Available
- Available:Sr ColdFusion Developer
- Mid Lvl ColdFusion Developer - Phoenix, AZ
- ColdFusion Developer - Knoxville, TN
- ColdFusion Positions in TX and SC!!! Immediate!
- Coldfusion Developer available
Want a number like 800-ColdFusion?
My Toll Free 800 Number provides a vanity phone number service to clients who want more than just digits. How would you like 800-coldfusion?