6 matches found
Nmap NSE 6.01: http-iis-webdav-vuln
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nmap NSE net: http-iis-webdav-vuln
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft IIS 5.0 WebDAV绕过认证漏洞(MS09-020)
BUGTRAQ ID: 35232 CVECAN ID: CVE-2009-1122 Microsoft Internet信息服务(IIS)是Microsoft Windows自带的一个网络信息服务器,其中包含HTTP服务功能。 IIS的WebDAV扩展没有正确解码特制请求的URL,导致WebDAV在处理该请求时应用不正确的配置。如果应用的配置允许匿名访问,则特制的请求可以绕过身份验证。 请注意IIS在配置的匿名用户帐户的安全上下文中仍会处理该请求,因此此漏洞不能用于绕过NTFS ACL,文件系统ACL对匿名用户帐户强加的限制将仍然执行。 Microsoft IIS 5.0 临时解决方法...
CVE-2009-1122
CVE-2009-1122 is the IIS WebDAV authentication bypass vulnerability associated with the MS09-020 family. The Initial Description notes an improper URL decode in IIS WebDAV that can bypass authentication and allow reading/creating files via crafted HTTP requests. Connected documents corroborate an...
Microsoft IIS Anonymous HTTP Request Authentication Bypass (MS09-020; CVE-2009-1122)
Web Distributed Authoring and Versioning WebDAV is a set of extensions for HTTP that allow clients to publish, lock, and manage resources on the Web. An elevation of privilege vulnerability has been reported in the Microsoft Windows WebDAV extension for IIS. The vulnerability is due to an error i...
CVE-2009-1122
creationtimestamp| type| source ---|---|--- 2009-05-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8806 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/ms09020webdavunicodebypass.rb 2018-05-29...