New Search

IIS 5.0 WebDAV Authentication Bypass Vulnerability

oval:org.mitre.oval:def:5861

The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs which allows remote attackers to bypass authentication and possibly read or create files via a crafted HTTP request aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability" a different vulnerability than CVE-2009-1535.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2009-1122
Product(s):
  • Microsoft Internet Information Server 5.0