Sensepost.exe.Access
Description
It indicates a potentially malicious attempt to traverse directory and possibly execute command on Microsoft Internet Information Service (IIS).
There exists a vulnerability in some versions of IIS servers that allows attackers to browse protected directories without proper authorization. A remote attacker may even be able to execute arbitrary commands on a target system by exploiting the vulnerability.
Affected Products
Any unprotected IIS 4.0 or 5.0 is vulnerable to the attack.
Impact
Attackers gain information about the victim system and even execute arbitrary commands.
Recommended Actions
Apply appropriate patches or upgrade the system to the latest non-vulnerable version
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-04-09 | 14.589 | Default_action:pass:drop |