English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.803555
Kategorie:Nmap NSE
Titel:Nmap NSE 6.01: http-iis-webdav-vuln
Zusammenfassung:Checks for a vulnerability in IIS 5.1/6.0 that allows arbitrary users to access secured WebDAV;folders by searching for a password-protected folder and attempting to access it. This vulnerability;was patched in Microsoft Security Bulletin MS09-020.;;A list of well known folders (almost 900) is used by default. Each one is checked, and if returns an;authentication request (401), another attempt is tried with the malicious encoding. If that attempt;returns a successful result (207), then the folder is marked as vulnerable.;;This script is based on the Metasploit;modules/auxiliary/scanner/http/wmap_dir_webdav_unicode_bypass.rb auxiliary module.;;For more information on this vulnerability and script see the references.;;SYNTAX:;;http.pipeline: If set, it represents the number of HTTP requests that'll be;pipelined (ie, sent in a single request). This can be set low to make;debugging easier, or it can be set high to test how a server reacts (its;chosen max is ignored).;;basefolder: The folder to start in, eg. ''/web'' will try ''/web/xxx''.;;folderdb: The filename of an alternate list of folders.;;http-max-cache-size: The maximum memory size (in bytes) of the cache.;;webdavfolder: Selects a single folder to use, instead of using a built-in list.
Beschreibung:Summary:
Checks for a vulnerability in IIS 5.1/6.0 that allows arbitrary users to access secured WebDAV
folders by searching for a password-protected folder and attempting to access it. This vulnerability
was patched in Microsoft Security Bulletin MS09-020.

A list of well known folders (almost 900) is used by default. Each one is checked, and if returns an
authentication request (401), another attempt is tried with the malicious encoding. If that attempt
returns a successful result (207), then the folder is marked as vulnerable.

This script is based on the Metasploit
modules/auxiliary/scanner/http/wmap_dir_webdav_unicode_bypass.rb auxiliary module.

For more information on this vulnerability and script see the references.

SYNTAX:

http.pipeline: If set, it represents the number of HTTP requests that'll be
pipelined (ie, sent in a single request). This can be set low to make
debugging easier, or it can be set high to test how a server reacts (its
chosen max is ignored).

basefolder: The folder to start in, eg. ''/web'' will try ''/web/xxx''.

folderdb: The filename of an alternate list of folders.

http-max-cache-size: The maximum memory size (in bytes) of the cache.

webdavfolder: Selects a single folder to use, instead of using a built-in list.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-1122
BugTraq ID: 35232
http://www.securityfocus.com/bid/35232
Cert/CC Advisory: TA09-160A
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
Microsoft Security Bulletin: MS09-020
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-020
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5861
http://www.securitytracker.com/id?1022358
http://www.attrition.org/pipermail/vim/2009-June/002192.html
http://www.vupen.com/english/advisories/2009/1539
Common Vulnerability Exposure (CVE) ID: CVE-2009-1535
http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0135.html
http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0139.html
http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0144.html
http://archives.neohapsis.com/archives/fulldisclosure/2009-05/att-0135/IIS_Advisory.pdf
http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html
http://isc.sans.org/diary.html?n&storyid=6397
http://view.samurajdata.se/psview.php?id=023287d6&page=1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6029
CopyrightCopyright (C) 2013 NSE-Script: The Nmap Security Scanner; NASL-Wrapper: Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.