Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Packet Storm
Packet Stormadded 2024/09/01 12:0 a.m.287 views

MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner', 'Description' = %q This module is based on et's HTTP Directory Scanner module, with...

7.5CVSS7.4AI score0.92339EPSS
Exploits5
Packet Storm
Packet Stormadded 2024/09/01 12:0 a.m.250 views

MS09-020 IIS6 WebDAV Unicode Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS09-020 IIS6 WebDAV Unicode Authentication Bypass', 'Description' = %q This module attempts to to bypass authentication using the WebDAV IIS6...

7.5CVSS7AI score0.92339EPSS
Exploits5
Metasploit
Metasploitadded 2010/02/01 2:12 a.m.34 views

MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner

This module is based on et's HTTP Directory Scanner module, with one exception. Where authentication is required, it attempts to bypass authentication using the WebDAV IIS6 Unicode vulnerability discovered by Kingcope. The vulnerability appears to be exploitable where WebDAV is enabled on the IIS...

7.5CVSS0.4AI score0.92339EPSS
Exploits5
seebug.org
seebug.orgadded 2009/06/13 12:0 a.m.143 views

Microsoft IIS 5.0 WebDAV绕过认证漏洞(MS09-020)

BUGTRAQ ID: 35232 CVECAN ID: CVE-2009-1122 Microsoft Internet信息服务(IIS)是Microsoft Windows自带的一个网络信息服务器,其中包含HTTP服务功能。 IIS的WebDAV扩展没有正确解码特制请求的URL,导致WebDAV在处理该请求时应用不正确的配置。如果应用的配置允许匿名访问,则特制的请求可以绕过身份验证。 请注意IIS在配置的匿名用户帐户的安全上下文中仍会处理该请求,因此此漏洞不能用于绕过NTFS ACL,文件系统ACL对匿名用户帐户强加的限制将仍然执行。 Microsoft IIS 5.0 临时解决方法...

7.6CVSS6.3AI score0.92339EPSS
Exploits5
Tenable Nessus
Tenable Nessusadded 2009/06/10 12:0 a.m.73 views

MS09-020: Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)

Due to a flaw in the WebDAV extension for IIS, an anonymous, remote attacker may be able to bypass authentication by sending a specially crafted HTTP request and gain access to a protected location. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid39342;...

7.5CVSS5.4AI score0.92339EPSS
Exploits5References3
Nmap
Nmapadded 2009/05/20 12:43 a.m.410 views

http-iis-webdav-vuln NSE Script

Checks for a vulnerability in IIS 5.1/6.0 that allows arbitrary users to access secured WebDAV folders by searching for a password-protected folder and attempting to access it. This vulnerability was patched in Microsoft Security Bulletin MS09-020, . A list of well known folders almost 900 is use...

10CVSS9.3AI score0.94176EPSS
Exploits33
Rows per page
Query Builder