ID de Prueba:	1.3.6.1.4.1.25623.1.0.900711
Categoría:	Web Servers
Título:	Microsoft IIS WebDAV Remote Authentication Bypass Vulnerability
Resumen:	Check for the version of IIS and presence of WebDAV
Descripción:	Overview: The host is running Microsoft IIS Webserver with WebDAV Module and is prone to remote authentication bypass vulnerability. Vulnerability Insight: Due to the wrong implementation of UNICODE characters support (WebDAV extension) for Microsoft IIS Server which fails to decode the requested URL properly. Unicode character checks are being done after IIS Server internal security check, which lets the attacker execute any crafted UNICODE character in the HTTP requests to get information on any password protected directories without any authentication schema. Impact: Successful exploitation will let the attacker craft malicious UNICODE characters and send it over the context of IIS Webserver where WebDAV is enabled. As a result due to lack of security implementation check it will let the user fetch password protected directories without any valid authentications. Impact Level: Application Affected Software/OS: Microsoft Internet Information Services version 5.0 to 6.0 Workaround: Disable WebDAV or Upgrade to Microsoft IIS 7.0 http://www.microsoft.com/technet/security/advisory/971492.mspx Fix: Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/Bulletin/MS09-020.mspx References: http://view.samurajdata.se/psview.php?id=023287d6&page=2 http://www.microsoft.com/technet/security/advisory/971492.mspx http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html http://downloads.securityfocus.com/vulnerabilities/exploits/34993.rb http://downloads.securityfocus.com/vulnerabilities/exploits/34993.txt
Referencia Cruzada:	BugTraq ID: 34993 Common Vulnerability Exposure (CVE) ID: CVE-2009-1535 http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0135.html http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0144.html http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0139.html http://archives.neohapsis.com/archives/fulldisclosure/2009-05/att-0135/IIS_Advisory.pdf http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html http://isc.sans.org/diary.html?n&storyid=6397 http://view.samurajdata.se/psview.php?id=023287d6&page=1 Microsoft Security Bulletin: MS09-020 http://www.microsoft.com/technet/security/Bulletin/MS09-020.mspx Cert/CC Advisory: TA09-160A http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.attrition.org/pipermail/vim/2009-June/002192.html http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6029
Copyright	Copyright (C) 2009 SecPod

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario Email: Usuario: Contraseña: Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas. Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.     Privacidad

Ingreso de Usuario Registrado   Usuario:     Contraseña:     ¿Olvidó su usuario o contraseña?? Email/ID de Usario: