MS.NTFS.Extended.Attributes.Directory.Authentication.Bypass

description-logoDescription

This indicates a possible attack against an Authentication Bypass vulnerability in multiple web servers.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An attacker may exploit this by using an Alternate Data Stream to access files located in a directory that has authentication protection.

affected-products-logoAffected Products

Microsoft IIS 5.1 on Windows XP Service Pack 3
nginx HTTP Server for Windows prior to 1.2.1
nginx HTTP Server for Windows prior to 1.3.1

Impact logoImpact

Authentication Bypass: Remote attackers can bypass authentication of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the patch supplied by the vendor:
http://www.microsoft.com/technet/security/bulletin/ms10-065.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-06-11 15.863 Sig Added