MS.IIS.WebDAV.Authentication.Bypass

Last Updated Date: Jun 15, 2009
Release Date: May 22, 2009
Severity: Medium
Impact: Security Bypass: Remote attackers can bypass security checking of vulnerable systems.
Description: This indicates an attack attempt to exploit an authentication-bypass vulnerability in Microsoft Windows IIS server.

The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious WebDAV request. A remote attacker may exploit this to bypass authentication via a crafted HTTP request.
Affected Products:
Microsoft Internet Information Services 5.0
Microsoft Internet Information Services 5.1
Microsoft Internet Information Services 6.0
Recommended Actions: Refer to Microsoft Security Advisory 971492 for the suggested workaround:
http://www.microsoft.com/technet/security/advisory/971492.mspx
Common Vulnerabilities and Exposures (CVE): http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-1535
Microsoft Bulletin ID: MS09-020   http://www.microsoft.com/technet/security/Bulletin/ms09-020.mspx
Reference/s:
http://www.securityfocus.com/bid/34993 (BugTraq)
http://www.vupen.com/english/advisories/2009/1330 (FrSIRT)
http://milw0rm.com/exploits/8704
http://milw0rm.com/exploits/8765
http://milw0rm.com/exploits/8806
http://secunia.com/advisories/35109/
http://www.microsoft.com/technet/security/advisory/971492.mspx
http://www.skullsecurity.org/blog/?p=285
Reference: VID-17445