Microsoft IIS 6 Vulnerability: Sensitive Server Files Easily Stolen

Source: Internet
Author: User
Security experts recently warned administrators running Microsoft Internet Information Services (IIS) 6 that their Web servers are open to an attack that exposes password-protected files and folders. The flaw lies in how some request processing based on the WebDAV protocol handles URLs: by inserting certain Unicode characters into the Web address, an attacker can reach files that are normally protected by a password. Where the WebDAV folder is also writable, the same flaw can be used to upload malicious files to the server. Security researcher Nikolaos Rangos said, "the Web server cannot handle Unicode tokens correctly when parsing and sending back data."

The United States Computer Emergency Readiness Team (US-CERT) has also confirmed the problem and recommends disabling WebDAV until a fix is available; on IIS 6, WebDAV is a Web Service Extension that can be set to Prohibited in IIS Manager. According to the report, only IIS 6 is affected, and WebDAV is disabled on it by default. Microsoft's security team is investigating the report. A company spokesman said, "We are not sure if anyone is using this loophole to launch an attack or how it affects customers."

The report gives the following four-line request as all that is needed to retrieve a password-protected file, protected.zip, stored in a folder named Protected:

    GET /..%c0%af/protected/protected.zip HTTP/1.1
    Translate: f
    Connection: close
    Host: servername

The sequence "%c0%af" is an overlong UTF-8 encoding of "/". IIS 6 performs its access check on the address as received, where the sequence is not a path separator and the path does not appear to lie inside the protected folder; the WebDAV code then decodes it to "/" and resolves the request to the protected file. The Web server therefore returns the file without ever authenticating the client. The report states that the attack can be used to access, upload and view password-protected WebDAV folders. Secunia rated the vulnerability "moderately critical."

The report also recalls the IIS vulnerability of 2001, which allowed an attacker to bypass IIS path checks to execute or open arbitrary files.
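The decoding mismatch described above, modelled in Python as an added example (this is not code from the report or from IIS). The protected folder names, the request URIs and the "authenticated" flag are constructed inputs, and the lax decoder reproduces only the overlong-sequence behaviour the article mentions; a canonicalize-first handler is included for contrast.

```python
"""Model of the IIS 6 WebDAV decoding flaw (added illustration, not IIS code).

Two steps are mimicked: the server checks access on the URL as received,
then the WebDAV code re-decodes that URL, turning the overlong UTF-8
sequence %c0%af into "/" and resolving the file path a second time.
"""
import posixpath
from urllib.parse import unquote_to_bytes

# Constructed: folders that the hypothetical server protects with a password.
PROTECTED_PREFIXES = ("/protected/",)


def lax_utf8_decode(raw: bytes) -> str:
    """Decode the way the article says IIS 6 WebDAV did: accept overlong
    two-byte sequences (lead byte 0xC0/0xC1), which a strict decoder rejects.
    0xC0 0xAF decodes to code point 0x2F, i.e. "/"."""
    out, i = [], 0
    while i < len(raw):
        b = raw[i]
        if b in (0xC0, 0xC1) and i + 1 < len(raw) and 0x80 <= raw[i + 1] <= 0xBF:
            out.append(chr(((b & 0x1F) << 6) | (raw[i + 1] & 0x3F)))
            i += 2
        else:
            out.append(chr(b))  # ASCII (latin-1 stand-in for any other byte)
            i += 1
    return "".join(out)


def requires_auth(path: str) -> bool:
    """True when the canonical path lies inside a password-protected folder."""
    return any(path.startswith(p) for p in PROTECTED_PREFIXES)


def vulnerable_handle(request_uri: str, authenticated: bool) -> str:
    """Check first, re-decode afterwards (the order the article describes)."""
    raw = unquote_to_bytes(request_uri)
    # Core server pass: strict UTF-8, undecodable bytes kept opaque. Here
    # "%c0%af" is not a separator, while a plain "/../" is still folded away.
    checked = posixpath.normpath(raw.decode("utf-8", errors="surrogateescape"))
    if requires_auth(checked) and not authenticated:
        return "401 Unauthorized"
    # WebDAV pass: the lax decode turns "..%c0%af" into "..//", which
    # normalizes to the protected file, and it is served unauthenticated.
    resolved = posixpath.normpath(lax_utf8_decode(raw))
    return "200 " + resolved


def fixed_handle(request_uri: str, authenticated: bool) -> str:
    """Canonicalize once, strictly, and authorize the canonical path."""
    raw = unquote_to_bytes(request_uri)
    try:
        decoded = raw.decode("utf-8")  # strict: overlong sequences raise
    except UnicodeDecodeError:
        return "400 Bad Request"
    resolved = posixpath.normpath(decoded)
    if requires_auth(resolved) and not authenticated:
        return "401 Unauthorized"
    return "200 " + resolved


if __name__ == "__main__":
    # The request line from the article, sent by an anonymous client.
    uri = "/..%c0%af/protected/protected.zip"
    print("vulnerable:", vulnerable_handle(uri, authenticated=False))
    print("fixed:     ", fixed_handle(uri, authenticated=False))
```

The point the model makes is that the plain traversal "/../protected/..." is caught by the vulnerable handler too; only the overlong form slips past, because the check and the file lookup see two different strings. The fix is not to blacklist "%c0%af" but to decode strictly and exactly once, and to authorize the path that will actually be opened.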