MS.NTFS.Extended.Attributes.Directory.Authentication.Bypass
Description
This indicates a possible attack against an Authentication Bypass vulnerability in multiple web servers.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An attacker may exploit this by using an Alternate Data Stream to access files located in a directory that has authentication protection.
Affected Products
Microsoft IIS 5.1 on Windows XP Service Pack 3
nginx HTTP Server for Windows prior to 1.2.1
nginx HTTP Server for Windows prior to 1.3.1
Impact
Authentication Bypass: Remote attackers can bypass authentication of vulnerable systems.
Recommended Actions
Apply the patch supplied by the vendor:
http://www.microsoft.com/technet/security/bulletin/ms10-065.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-06-11 | 15.863 | Sig Added |