Lucene search
K

6 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.243 views

MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass', 'Description' = %q This module bypasses basic authentication for Internet Informatio...

6.8CVSS7AI score0.31118EPSS
Exploits3
Metasploit
Metasploit
added 2012/06/25 8:48 p.m.79 views

MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass

This module bypasses basic authentication for Internet Information Services IIS. By appending the NTFS stream name to the directory name in a request, it is possible to bypass authentication. This module requires Metasploit: https://metasploit.com/download Current source:...

6.8CVSS7.2AI score0.31118EPSS
Exploits3
CVE
CVE
added 2010/09/15 6:0 p.m.99 views

CVE-2010-2731

CVE-2010-2731 describes an issue in Microsoft IIS 5.1 on Windows XP SP3 where directory-based Basic Authentication can be bypassed, allowing remote execution of ASP files via a crafted request. The root cause is described in public sources as an authentication bypass related to NTFS stream handli...

6.8CVSS6.6AI score0.31118EPSS
Exploits3References2
Check Point Advisories
Check Point Advisories
added 2010/09/14 12:0 a.m.40 views

Microsoft IIS Directory Authentication Bypass (MS10-065; CVE-2010-1899; CVE-2010-2731)

IIS is a collection of Internet services packaged with several versions of the Windows operating system. An elevation of privilege vulnerability has been reported in Microsoft Internet Information Services IIS. The vulnerability is due to the way IIS parses specially crafted URLs. An attacker may...

6.8CVSS6.4AI score0.57231EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2010/09/14 12:0 a.m.611 views

MS10-065: Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Remote Code Execution (2267960)

The version of IIS installed on the remote host has the following vulnerabilities : - Sending a specially crafted request for an ASP page on a website hosted by IIS can result in a denial of service. CVE-2010-1899 - Sending a specially crafted HTTP request to an IIS server with FastCGI enabled ca...

9.3CVSS5.7AI score0.57231EPSS
Exploits7References4
Circl
Circl
added 2010/07/02 12:0 a.m.12 views

CVE-2010-2731

creationtimestamp| type| source ---|---|--- 2010-07-02 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/14179 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/iisauthbypass.rb 2020-05-12 13:27:31+00:00| seen|...

6.8CVSS4.8AI score0.31118EPSS
Exploits3References4
Rows per page
Query Builder