Lucene search
MicrosoftCVELIST:CVE-2009-1122HistoryJun 10, 2009 - 6:00 p.m.
CVE-2009-1122
2009-06-1018:00:00
microsoft
www.cve.org
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka “IIS 5.0 WebDAV Authentication Bypass Vulnerability,” a different vulnerability than CVE-2009-1535.
References
www.attrition.org/pipermail/vim/2009-June/002192.html
www.securityfocus.com/bid/35232
www.securitytracker.com/id?1022358
www.us-cert.gov/cas/techalerts/TA09-160A.html
www.vupen.com/english/advisories/2009/1539
docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-020
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5861
Related
cve
cve
securityvulns
securityvulns
nvd
nvd
openvas
openvas
Nmap NSE: IIS WebDAV Vulnerability
2010-08-10 00:00:00
Nmap NSE net: http-iis-webdav-vuln
2011-06-01 00:00:00
Microsoft IIS Security Bypass Vulnerability (970483)
2009-06-10 00:00:00
nessus
nessus
prion
prion
Authentication flaw
2009-06-10 14:30:00
Authentication flaw
2009-06-10 18:30:00
cvelist
cvelist
CVE-2009-1535
2009-06-10 14:00:00
checkpoint_advisories
checkpoint_advisories
cert
cert
Microsoft IIS WebDAV Remote Authentication Bypass
2009-05-19 00:00:00
seebug
seebug
Microsoft IIS 5.0 WebDAV绕过认证漏洞(MS09-020)
2009-06-13 00:00:00