- Jul 27, 2020
- 16,332
- 10,345
- 106
Maybe they should opensource IIS then?
If they did that they would be spending 10's of thousands of man hours fixing zero-days that are discovered.Maybe they should opensource IIS then?
Probably something leftover from the debug build, or maybe it was a canned "feature".My favourite is one that allowed an attacker to essentially gain console access to the entire server, it would spit out the output of the command right into the web browser by initiating specially formatted urls. Almost like it was by design.