Microsoft URLScan 2.5/RSA Security SecurID 5.0 – Configuration Enumeration

Microsoft URLScan 2.5/RSA Security SecurID 5.0 – Configuration Enumeration

漏洞ID 1054099 漏洞类型
发布时间 2003-08-14 更新时间 2003-08-14
图片[1]-Microsoft URLScan 2.5/RSA Security SecurID 5.0 – Configuration Enumeration-安全小百科CVE编号 N/A
图片[2]-Microsoft URLScan 2.5/RSA Security SecurID 5.0 – Configuration Enumeration-安全小百科CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23034
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8419/info

A weakness has been discovered in Microsoft URLScan and RSA Security SecurID when used in conjunction on a web server. The problem is said to occur due to the order in which the products are placed within the global ISAPI filter list.

When the vulnerable configuration is in place, an attacker may be capable of enumerating the Microsoft URLScan extension filtering list by making repeated requests to files with differing extensions.

The enumeration of this type of information could potentially aid an attacker when launching further attacks against the target web server.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/23034.tar.gz

相关推荐: Opera Same Origin Policy Circumvention Vulnerability

Opera Same Origin Policy Circumvention Vulnerability 漏洞ID 1102740 漏洞类型 Access Validation Error 发布时间 2001-11-15 更新时间 2001-11-15 CVE…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享