1. Blue Screen Of Death When Chaning a setting in IIS7
Vista Home Premium x64 My web sites ( local testing ) are on an external HDD. So i pointed the default web site to the location of my web sites, so far so good. I tried to view a page and IIS7 threw an error saying that there was some asp.net error. Looked at the most likely cause was that the web.config impersonation is set to true. So i went into IIS and disabled it... as soon as i do that a blue screen of death comes up saying multiple_irp_complete_requests... What can i do from here to get things working?
2. Delphi2005, ASP .NET project, blue screen death
3. OT: IIS SSL Web server exploit warning
4. [News] Windows & IIS Now Easily Exploited - Linux
5. [News] [Rival] Microsoft Exposes IIS Flaw/Exploit, Calls It a 'Feature'
6. Exploit in IIS to send spam?
7. FSO exploit
Hi, My server was hacked over this weekend using the FSO exploit. It is sad that by uploading one simple asp file to one website in a server, hacker can access the whole machine, both drive C and drive D. Well I should have played around with the IUSR permissions not allowing it to access drive C where web files are not kept; however most sites hosted on my server require both read and write access, giving the hacker the privilage to do anything he/she wants. I thought of unregistering the FSO component but many sites use the Dictionary object wich woul dalso be disabled. I am really stuck and cannot find a solution. Has anyone come up with a solution? I have limited hackers access to many areas by disabling IUSR access; however many folders still need IUSR to write to them. Also this asp file can see inside access databases too; which is frightening.