IIS漏洞

IIS漏洞

漏洞ID 1106031 漏洞类型 未知
发布时间 2000-10-04 更新时间 2005-05-02
图片[1]-IIS漏洞-安全小百科CVE编号 CVE-2000-0951
图片[2]-IIS漏洞-安全小百科CNNVD-ID CNNVD-200012-110
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/20269
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200012-110
|漏洞详情
带索引服务器启用和指数特性设置的IIS5.0版本存在错配置漏洞。远程攻击者借助Web分布式创作和版本控制(WebDAV)搜索在web根列举目录表单。
|漏洞EXP
source: http://www.securityfocus.com/bid/1756/info

If Index Server is enabled in Microsoft Internet Information Server 5.0, it is possible for a remote user to view the entire root directory structure and all sub-directories due to a flaw in the Web Distributed Authoring and Versioning (WebDAV) search implementation. Hidden directories, include files (*.inc), or other documents that would not normally be accessible through the regular website interface can be exposed through this exploit.

Successful exploitation could lead to the discovery of certain files that may contain sensitive information such as usernames and passwords.

The Index Server is disabled by default in IIS 5.0 and only directories that have the 'Index' property set are affected by this vulnerability. 

SEARCH / HTTP/1.1
Host: target
Content-Type: text/xml
Content-Length: 133

<?xml version="1.0"?>
<g:searchrequest xmlns:g="DAV:">
<g:sql>
Select "DAV:displayname" from scope()
</g:sql>
</g:searchrequest>
|参考资料

来源:XF
名称:iis-index-dir-traverse
链接:http://xforce.iss.net/static/5335.php
来源:BID
名称:1756
链接:http://www.securityfocus.com/bid/1756
来源:MSKB
名称:Q272079
链接:http://www.microsoft.com/technet/support/kb.asp?ID=272079
来源:ATSTAKE
名称:A100400-1
链接:http://www.atstake.com/research/advisories/2000/a100400-1.txt

相关推荐: Michael Dean Double Choco Latte Multiple Module Remote File Include Vulnerability

Michael Dean Double Choco Latte Multiple Module Remote File Include Vulnerability 漏洞ID 1099090 漏洞类型 Input Validation Error 发布时间 20…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享