MS.IIS.admpwd.anot.Access
Description
It indicates a potentially malicious attempt to gain password information on a Microsoft Internet Information Service (IIS) server.
The virtual directory within IIS 4.0 contains .htr files which permits users to change passwords remotely. There exists vulnerabilities that allow remote attackers to conduct brute force password attacks, or to identify valid users on a target system by passing it specially-crafted requests.
Affected Products
Any unprotected IIS 4.0 is vulnerable to the attack.
Impact
Attackers can gain account and/or password information on the victim system.
Recommended Actions
Apply appropriate patches or Upgrade the system to the latest non-vulnerable version.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-04-09 | 14.589 | Default_action:pass:drop |