Security Hero Rotating Header Image

New Microsoft IIS flaw

New Microsoft IIS flaw

A vulnerability in Microsoft Internet Information Services (IIS) web server could enable an attacker to access or upload files to protected WebDAV folders. The SANS Internet Storm Center said in a blog post that “adding certain Unicode characters to an URL makes it possible to bypass authentication in IIS.” The vulnerability was rated “moderately critical” and affects Microsoft IIS 5.1 and 6.0, according to an advisory from Secunia. Storm Center handlers recommended turning off WebDav until more details about the vulnerability are uncovered. X AM


URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/cEyTj8OMvZo/

Leave a Reply

Powered by WP Hashcash

Spam Protection by WP-SpamFree

Bad Behavior has blocked 540 access attempts in the last 7 days.