IIS administrators, you may have already seen this attack listed on your favorite security sites.
However, I have good news if you’re an Ipswitch customer running MOVEit DMZ or WS_FTP Server under IIS: the filtering mechanisms in both products designed to prevent many types of SQL injection prevent this one as well. Our hosted customers, whether Sendable users or MOVEit DMZ Hosting Services users, also benefit from the same filtering technology and are likewise safe.
Jonathan Lampe is VP, Product Management, of Ipswitch File Transfer. He developed the first editions of the MOVEit managed file transfer software and continues to guide the File Transfer division as it continues to pursue its mission of moving your most valuable data. He holds a computer science degree and an operations degree from Northern Illinois University, an MBA from the University of Wisconsin-Madison and two security certifications: ISC2's CISSP and SANS' System and Network Auditor.
Leave a Reply