iDEFENSE Security Advisory 2003-05-22.t

23 May 2003 00:00:00 | Reported by iDefense Labs | Type: packetstorm | Source: packetstormsecurity.com

Authentication bypass vulnerability in iisPROTECT allows attackers to access protected files.

Related

CVE: CVE-2003-0317 (23 May 2003 04:00)
Cvelist: CVE-2003-0317 (23 May 2003 04:00)
EUVD: EUVD-2003-0312 (7 Oct 2025 00:30)
Tenable Nessus: iisPROTECT Encoded URL Authentication Bypass (28 May 2003 00:00)
NVD: CVE-2003-0317 (31 Dec 2003 05:00)

`-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA1  
  
iDEFENSE Security Advisory 05.22.03:  
http://www.idefense.com/advisory/05.22.03.txt  
Authentication Bypass in iisPROTECT  
May 22, 2003  
  
I. BACKGROUND  
  
iisPROTECT is designed to provide password protection to web  
directories similar to the htaccess method utilized by the Apache  
Software Foundation's HTTP web server. More information about  
iisPROTECT is available at http://www.iisprotect.com .  
  
II. DESCRIPTION  
  
Upon successful installation and implementation of iisPROTECT, users  
will be presented with a login and password dialog box when  
attempting to access files contained in a protected directory.  
Consider the following example:  
  
http://iisprotected.example.com/protected/secret.html  
  
An attacker can bypass this authentication by simply requesting the  
same file through different URL-encoded representations. Examples of  
these include but are not limited to:  
  
http://iisprotected.example.com/%70rotected/secret.html  
http://iisprotected.example.com/protected%2fsecret.html  
  
III. ANALYSIS  
  
Any remote attacker can exploit the above-described vulnerability to  
bypass the access control restrictions imposed by iisPROTECT, thereby  
exposing potentially sensitive files and information.  
  
IV. DETECTION  
  
iisPROTECT 2.1 and 2.2 are vulnerable. Previous versions may be  
vulnerable as well.  
  
V. VENDOR FIX/RESPONSE  
  
iisPROTECT has released version 2.2.0.9 to fix this vulnerability.  
The latest version is available at www.iisprotect.com .  
  
VI. CVE INFORMATION  
  
The Mitre Corp.'s Common Vulnerabilities and Exposures (CVE) Project  
has assigned the identification number CAN-2003-0317 to this issue.  
  
VII. DISCLOSURE TIMELINE  
  
12/31/2002 Issue disclosed to iDEFENSE  
04/16/2003 E-mail sent to [email protected]  
04/16/2003 Response received from David Fearn of iisPROTECT  
04/16/2003 Patch provided to iDEFENSE for verification  
05/22/2003 Coordinated public disclosure  
  
  
Get paid for security research  
http://www.idefense.com/contributor.html  
  
Subscribe to iDEFENSE Advisories:  
send email to [email protected], subject line: "subscribe"  
  
  
About iDEFENSE:  
  
iDEFENSE is a global security intelligence company that proactively  
monitors sources throughout the world — from technical  
vulnerabilities and hacker profiling to the global spread of viruses  
and other malicious code. Our security intelligence services provide   
decision-makers, frontline security professionals and network   
administrators with timely access to actionable intelligence and  
decision support on cyber-related threats. For more information,  
visit http://www.idefense.com .  
  
-----BEGIN PGP SIGNATURE-----  
Version: PGP 8.0  
  
iQA/AwUBPs0sI/rkky7kqW5PEQJ11gCdHgUEgy8TT+Lr/t/tef6BYG4FisQAnR4k  
pNS6K6Zfcoq+2VAn0Tezj/rC  
=pkHC  
-----END PGP SIGNATURE-----  
  
`
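
The check below is an added example, not code from the advisory or from iisPROTECT: it contrasts an access-control match on the raw request path with one made after canonicalization, and uses the difference to flag encoded requests for protected content in a list of logged paths. The rule list, the function names and the sample paths (built from the advisory's example URLs) are assumptions for illustration.

```python
import posixpath
from urllib.parse import unquote

# Assumed rule: one protected directory, taken from the advisory's example URL.
PROTECTED_DIRS = ["/protected"]

def naive_is_protected(raw_path):
    """Illustrative flawed check: matches the rule against the raw, still-encoded path."""
    p = raw_path.lower()
    return any(p == d or p.startswith(d + "/") for d in PROTECTED_DIRS)

def canonicalize(raw_path):
    """Reduce a request path to the form the server would map to a file."""
    path = unquote(raw_path)                            # %70 -> p, %2f -> /
    path = path.replace("\\", "/")                      # Windows path separator
    path = "/" + posixpath.normpath(path).lstrip("/")   # collapse //, ./ and ../
    return path.lower()                                 # case-insensitive file system

def is_protected(raw_path):
    """Hardened check: decide on the canonical path, not on the bytes as sent."""
    canon = canonicalize(raw_path)
    return any(canon == d or canon.startswith(d + "/") for d in PROTECTED_DIRS)

def flag_encoded_requests(raw_paths):
    """Return logged paths that reach protected content but slip past the raw match."""
    return [p for p in raw_paths if is_protected(p) and not naive_is_protected(p)]

# Constructed sample of logged request paths (not real log data).
SAMPLE_PATHS = [
    "/protected/secret.html",
    "/%70rotected/secret.html",
    "/protected%2fsecret.html",
    "/public/index.html",
]

if __name__ == "__main__":
    for p in SAMPLE_PATHS:
        print(f"{p:32} raw-match={naive_is_protected(p)!s:5} canonical-match={is_protected(p)}")
    print("flagged:", flag_encoded_requests(SAMPLE_PATHS))
```

Any filter that sits in front of the web server has to apply the same decoding the server applies before it resolves the file; otherwise the two disagree about which resource a request names.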

Vulners AI Score: 0.1 (low risk). EPSS: 0.03498.