Command Execution Flaw in Microsoft Internet Information Services 5.1
CVE-2006-6578

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Information Services
Vendor: CVE Published:; 15 December 2006

What is CVE-2006-6578?

Microsoft Internet Information Services (IIS) 5.1 contains a vulnerability that allows the IUSR_Machine account to execute non-EXE files, including .COM files. This flaw can permit attackers to run arbitrary commands by exploiting specific arguments passed to these .COM files. The vulnerability becomes apparent when files like win.com are located in web directories with misconfigured permissions, enabling unauthorized command execution which could compromise the integrity of the web server.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityreason.com/securityalert/2036

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/454268/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Dec 15, 2006
Vulnerability Reserved
Dec 15, 2006

JSON

Microsoft

What is CVE-2006-6578?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.