Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2008/03/25 12:0 a.m.78 views

Microsoft IIS webhits.dll Hit-Highlighting Authentication Bypass

The remote IIS web server contains a vulnerability in the Server Hit Hilight Module which may allow an attacker to view the contents of a page otherwise requiring authentication. An attacker may exploit this flaw to bypass authentication on certain pages. C Tenable Network Security, Inc...

10CVSS5.6AI score0.7335EPSS
Exploits6References1
Packet Storm
Packet Storm
added 2007/06/06 12:0 a.m.64 views

CVE-2007-2815.txt

CVE-2007-2815 ff0000 [email protected] 01/06/2007 ! /usr/bin/perl use LWP 5.64; require "getopt.pl"; &Getopt'shop'; $browser = LWP::UserAgent-new; $proto=$opts;if$opts$proto="https";else$proto="http"; $host=$opth;if!$opth&usage; $obj =$opto;if!$opto&usage; $port=$optp;if!$optp$port=80; $url =...

10CVSS6.5AI score0.7335EPSS
Exploits6
seebug.org
seebug.org
added 2007/06/02 12:0 a.m.250 views

Microsoft IIS <= 5.1 Hit Highlighting Authentication Bypass Exploit

No description provided by source. NTLM BASIC AUTH BYPASS : sha0atbadchecksum.net Based on my adv: http://www.securityfocus.com/bid/24105/info CVE-2007-2815 if $ != 2 then printf "USAGE:\t\t$0 Site Protected Object\nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n";...

10CVSS6.5AI score0.7335EPSS
Exploits6
exploitpack
exploitpack
added 2007/05/31 12:0 a.m.66 views

Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass

Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass !/bin/sh NTLM && BASIC AUTH BYPASS : sha0atbadchecksum.net Based on my adv: https://www.securityfocus.com/bid/24105/info CVE-2007-2815 if $ != 2 then printf "USAGE:\t\t$0 \nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n";...

10CVSS0.5AI score0.7335EPSS
Exploits6
0day.today
0day.today
added 2007/05/31 12:0 a.m.43 views

Microsoft IIS <= 5.1 Hit Highlighting Authentication Bypass Exploit

Exploit for unknown platform in category remote exploits =================================================================== Microsoft IIS \nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n"; exit 0 fi site=$1 protectedObject=$2...

7.1AI score0.7335EPSS
Exploits6
Exploit DB
Exploit DB
added 2007/05/31 12:0 a.m.175 views

Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass

!/bin/sh NTLM && BASIC AUTH BYPASS : sha0atbadchecksum.net Based on my adv: https://www.securityfocus.com/bid/24105/info CVE-2007-2815 if $ != 2 then printf "USAGE:\t\t$0 \nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n"; exit 0 fi site=$1 protectedObject=$2...

10CVSS6.5AI score0.7335EPSS
Exploits6
CVE
CVE
added 2007/05/22 7:0 p.m.137 views

CVE-2007-2815

CVE-2007-2815 concerns Microsoft IIS webhits.dll Hit-Highlighting authentication bypass. The hit-highlighting feature in IIS Web Server 5.x (notably IIS 5.0/5.1) uses Windows NT ACLs, enabling remote attackers to bypass NTLM and Basic authentication and access private web directories via the CiWe...

10CVSS6.6AI score0.7335EPSS
Exploits6References5Affected Software1
Cvelist
Cvelist
added 2007/05/22 7:0 p.m.20 views

CVE-2007-2815

The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services IIS Web Server 5.0 only uses Windows NT ACL configuration, which allows remote attackers to bypass NTLM and basic authentication mechanisms and access private web directories via the CiWebhitsfile...

6.7AI score0.7335EPSS
Exploits6References5
Rows per page
Query Builder