critical IIS vulnerability
Go read the vulnerability description now!
Basically – if your users upload files to your site and THEY specify file names, you’re vulnerable:
– IIS can execute any extension as an Active Server Page or any other executable extension.
For instance “malicious.asp;.jpg” is executed as an ASP file on the server. Many file
uploaders protect the system by checking only the last section of the filename as its
extension. And by using this vulnerability, an attacker can bypass this protection and upload a dangerous executable file on the server.
There’s an unchecked patch for this vulnerability, but again this shows that you just can’t allow any user input saved to your system without filtering.
So, if you allow file uploads – your script have to specify filenames, not users.