IIS short file and folder name disclosure vulnerability

2012-07-08T00:00:00
ID MYHACK58:62201234271
Type myhack58
Reporter Anonymous
Modified 2012-07-08T00:00:00

Description

This article was translated from exploit-db.com by Amderma after several hours of effort. If you repost it, please credit the source, thanks. My English is poor, so if there are any errors, please correct them.

IIS is a web server application, together with a set of feature extension modules, created by Microsoft for use with Microsoft Windows. It is the world's third most popular server.

Vulnerability description:

The vulnerability research team discovered a vulnerability in Microsoft IIS: an attacker can use a GET request containing "~" to disclose files and folders on the server.

Affected versions:

IIS 1.0, Windows NT 3.51

IIS 2.0, Windows NT 4.0

IIS 3.0, Windows NT 4.0 Service Pack 2

IIS 4.0, Windows NT 4.0 Option Pack

IIS 5.0, Windows 2000

IIS 5.1, Windows XP Professional and Windows XP Media Center Edition

IIS 6.0, Windows Server 2003 and Windows XP Professional x64 Edition

IIS 7.0, Windows Server 2008 and Windows Vista

IIS 7.5, Windows 7 (with remote errors enabled or no web.config configuration file)

IIS 7.5, Windows 2008 (classic managed pipeline mode)

Vulnerability analysis and exploitation:

If a website is running on an IIS server, some files and folders can be found by using "~". An attacker can find important files or folders, if those files or folders are normally visible files.
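On the defensive side, requests of this kind can be looked for in IIS W3C logs. The following is an added example, not part of the original advisory: it flags clients that request several distinct paths containing "~" followed by a digit, the form an 8.3 short name takes. The log lines, IP addresses, paths and the threshold of two are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# 8.3 short-name token: "~" followed by a digit, e.g. BACKUP~1.ZIP
TILDE_TOKEN = re.compile(r"~\d")

# Constructed sample log (documentation IP ranges, invented paths).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.5
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2012-07-08 10:00:01 198.51.100.7 GET /default.aspx - 200
2012-07-08 10:00:02 203.0.113.5 GET /BACKUP~1.ZIP - 404
2012-07-08 10:00:03 203.0.113.5 GET /ADMINI~1/ - 404
2012-07-08 10:00:03 203.0.113.5 GET /WEBCON%7E1.BAK - 400
2012-07-08 10:00:04 198.51.100.7 GET /users/~alice/index.html - 200
2012-07-08 10:00:05 198.51.100.9 GET /REPORT~2.XLS - 404
"""


def tilde_requests(log_text):
    """Map client IP -> set of distinct URI stems containing a "~<digit>" token."""
    fields, hits = [], defaultdict(set)
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # column layout may change mid-file
            continue
        if not line or line.startswith("#"):
            continue
        values = line.split()
        if len(values) != len(fields):
            continue                       # malformed or truncated line
        row = dict(zip(fields, values))
        stem = unquote(row.get("cs-uri-stem", ""))  # also catches %7E
        if TILDE_TOKEN.search(stem):
            hits[row.get("c-ip", "?")].add(stem)
    return hits


def suspicious_clients(log_text, min_distinct=2):
    """Clients that requested at least `min_distinct` different "~<digit>" paths."""
    return {ip: sorted(paths) for ip, paths in tilde_requests(log_text).items()
            if len(paths) >= min_distinct}


if __name__ == "__main__":
    for ip, paths in suspicious_clients(SAMPLE_LOG).items():
        print(ip, len(paths), paths)
```

A path such as `/users/~alice/` is not flagged because no digit follows the tilde; tune `min_distinct` to the site's normal traffic.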

For an in-depth analysis of the vulnerability, refer to the article at the following link:

<http://soroush.secproject.com/blog/2012/06/microsoft-iis-tilde-character-vulnerabilityfeature-short-filefolder-name-disclosure/>

Vulnerability details:
