7 matches found
A species vulnerability--IIS 5.1 Directory Authentication Bypass-vulnerability warning-the black bar safety net
Bugtraq ID: 4 1 3 1 4 CVE ID: CVE-2 0 1 0-2 7 3 1 CNCVE ID: CNCVE-2 0 1 0 2 7 3 1 Vulnerability published:2010-07-01 Vulnerability update time:2010-09-14 Vulnerability causes: access validation error Danger level: low Affected systems: Microsoft IIS 5.1 Hazard: a remote attacker can exploit the...
CVE-2010-2731
Unspecified vulnerability in Microsoft Internet Information Services IIS 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass...
Snitz Forums 2000 Active.ASP SQL注入漏洞
Snitz Forums 2000是一款基于ASP的WEB应用程序。 Snitz Forums 2000不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'Active.ASP'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 Snitz Forums 2000 Snitz Forums 2000 3.4.6 Snitz Forums 2000 Snitz Forums 2000 3.4 .05 Snitz Forums 2000 Snitz Forums...
Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass
Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass !/bin/sh NTLM && BASIC AUTH BYPASS : sha0atbadchecksum.net Based on my adv: https://www.securityfocus.com/bid/24105/info CVE-2007-2815 if $ != 2 then printf "USAGE:\t\t$0 \nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n";...
Microsoft IIS 5.1 - WebDAV HTTP Request Source Code Disclosure
Microsoft IIS 5.1 - WebDAV HTTP Request Source Code Disclosure source: https://www.securityfocus.com/bid/14764/info Microsoft IIS is reportedly affected by a remote script source disclosure vulnerability. A successful attack causes the Web server to present the requested file as a plain text file...
MS Windows IIS 5.0 - 5.1 Remote Denial of Service Exploit
漏洞描述: Microsoft IIS 5.0Internet Infomation Server 5是Microsoft Windows 2000自带的一个网络信息服务器,其中包含HTTP服务功能。IIS5 默认提供了对WebDAV的支持,通过WebDAV可以通过HTTP向用户提供远程文件存储的服务。 WebDAV实现对部分模式的超长请求处理不正确,远程攻击者可以利用这个漏洞对IIS服务进行拒绝服务攻击。 攻击者可以使用'PROPFIND'或'SEARCH'请求方法,提交包含49,153字节的Webdav请求,IIS会由于拒绝服务而重新启动。不过IIS...
CVE-2002-1181
Summary: CVE-2002-1181 is an IIS XSS vulnerability affecting Microsoft Internet Information Services 4.0–5.1, exposed via the IISHELP ASP file (and possibly other vectors). The admin web interface can allow remote attackers to execute HTML/script as other users. The connected OpenVAS entries conf...