« Announcement: WASC and OWASP Joint Blackhat Vegas Party | Main | Laws Threaten Security Researchers »

IIS 5.x Vuln Exploit released

I just found out about this myself and hadn't seen any news on it so posting it here (better late than never!). A vulnerability has been discovered in IIS5 that Microsoft apparently isn't going to fix allowing an attacker to gain accesses to resources behind NTLM and Basic Auth. Microsoft is suggesting upgrading to IIS6 to address the issue.

"The exploit was discovered on December 15, 2006, and made public since the end of May 2007. The design of IIS 5.x allows to bypass basic authentication by using the hit highlight feature.

Microsoft's response seems to be a bit atypical for them as it includes a section on how to reproduce the exploit. In other words: Microsoft is telling the world how to exploit their products being used by their customers. Not that the worst of those interested in it did not already know, but the one thing we need from Microsoft is not the exploit, but the patch or at least a decent work-around. And that patch is lacking. Their only defensive advice is to upgrade to IIS 6.0."

See the SANs site for alternative fix suggestions.

SANS Link: http://isc.sans.org/diary.html?storyid=2915
Microsoft Link: http://support.microsoft.com/kb/328832
Advisory Link: http://www.securityfocus.com/archive/1/archive/1/469238/100/0/threaded
CVE Link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-281


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!