MS.IIS.WebDAV.Remote.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass vulnerability in Microsoft Windows IIS server.
The vulnerability is caused by an error that occurs when the software handles a malicious WebDAV request. A remote attacker may exploit this to bypass authentication via a crafted HTTP request.
Affected Products
Microsoft Internet Information Services 5.0
Microsoft Internet Information Services 5.1
Microsoft Internet Information Services 6.0
Impact
Security Bypass: Remote attackers can bypass the security checking of vulnerable systems.
Recommended Actions
Refer to Microsoft Security Advisory 971492 for the suggested workaround:
http://www.microsoft.com/technet/security/advisory/971492.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |