Content
(MS09-020) Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability (970483)
- Type
- Format String
- Impact of exploitation
- Privilege Escalation
- User Interaction
- no user interaction is needed
- Attack Vector
- Malicious remote network traffic
- Rating
- Low
- CVE reference
- CVE-2009-1122,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Internet Information Services 5.0,
- Internet Information Services 5.1,
- Internet Information Services 6.0,
- Summary
- A vulnerability in Microsoft Internet Information Services may allow for remote privilege escalation attacks.
Tab Navigation
Description
A vulnerability in Microsoft Internet Information Services may allow for remote privilege escalation attacks. The flaw is specific to the method used by the WebDAV extension for IIS to handle HTTP requests. Exploitation can be achieved via a specially-crafted HTTP request, allowing an attacker to gain access to locations which normally require authentication.
McAfee Product Mitigation & Recommendations
Recommendations
The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-020.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-020) Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability (970483)
- Signature identifier:
- 6752
- Release date:
- 6/9/2009
McAfee Intrushield
- Signature:
- HTTP: Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability
- Signature identifier:
- 0x40261600
- Release date:
- 6/9/2009
- First released in:
- 4.1.51, 5.1.21
McAfee Anti-Virus protection
Detection is provided as Exploit-CVE2009-1122 when scanning with heuristics enabled using the following products: SIG, SWG
- Signature:
- DATs
- Signature identifier:
- 5642
- Release date:
- 6/10/2009
- First released in:
- Exploit-CVE2009-1122
The Remedy V-Flash of June 10 contains remedies.
- Release date:
- 6/10/2009
Additional Resources
Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)
http://www.microsoft.com/technet/security/bulletin/ms09-020.mspx
All Information
Timeline -
6/9/2009
Vendor has provided a patch.
Description -
A vulnerability in Microsoft Internet Information Services may allow for remote privilege escalation attacks. The flaw is specific to the method used by the WebDAV extension for IIS to handle HTTP requests. Exploitation can be achieved via a specially-crafted HTTP request, allowing an attacker to gain access to locations which normally require authentication.
McAfee Product Mitigation & Recommendations
Recommendations -
The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-020.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-020) Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability (970483)
- Signature identifier:
- 6752
- Release date:
- 6/9/2009
McAfee Intrushield
- Signature:
- HTTP: Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability
- Signature identifier:
- 0x40261600
- Release date:
- 6/9/2009
- First released in:
- 4.1.51, 5.1.21
McAfee Anti-Virus protection
Detection is provided as Exploit-CVE2009-1122 when scanning with heuristics enabled using the following products: SIG, SWG
- Signature:
- DATs
- Signature identifier:
- 5642
- Release date:
- 6/10/2009
- First released in:
- Exploit-CVE2009-1122
The Remedy V-Flash of June 10 contains remedies.
- Release date:
- 6/10/2009
Additional Resources
Additional Resources -
Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)
http://www.microsoft.com/technet/security/bulletin/ms09-020.mspx
