rain forest puppy's investigation of the recent Microsoft IIS remote command execution vulnerability which was first mentioned in a ms00-078. UNICODE character translation on foreign IIS 4.0 and 5.0 servers allows additional ways of encoding '/' and '\', allowing commands to be executed under the IUSR_machine context.
2b1c446965eae66c719dc5275df8c83c036b0c35b914f77fa9b14f18472713f1