A pretty serious security hole has been found in Microsofts IIS4.0 webserver. By sending a buffer overflow, which is basically a large amount of data, to some pages, the buffer spills out of the HTML root directories and allow programs to be run on the server.

The scary thing is, I've already seen 10 lines of Perl code that have expoited the bug.

Check out the full story here at Wired or get it straight from the company that discovered it.