Signature Detail
Short Name |
HTTP:IIS:SOURCE-CODE-DISC |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
IIS HTR/ASP UNC Mapped Virtual Host |
Release Date |
2011/03/02 |
Update Number |
1875 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: IIS HTR/ASP UNC Mapped Virtual Host Vulnerability
This signature detects attempts to exploit a known vulnerability against Microsoft IIS. Attackers can bypass security restrictions and obtain the full source code of the file back to a remote user by a backward slash "\" appended to an ASP or HTR extension in a URL request.
Extended Description
If a virtual host root is mapped to a UNC share, a backward slash "\" appended to an ASP or HTR extension in a URL request to that virtual host will cause Microsoft Internet Information Server to transmit full source code of the file back to a remote user. Files located on the local drive where IIS is installed is not affected by this vulnerability.
Affected Products
- Microsoft Commercial Internet System 2.0
- Microsoft Commercial Internet System 2.5
- Microsoft IIS 4.0
- Microsoft IIS 4.0 Alpha
- Microsoft IIS 5.0
- Microsoft Proxy Server 2.0
- Microsoft Site Server 3.0 i386
- Microsoft Site Server Commerce Edition 3.0 alpha
- Microsoft Site Server Commerce Edition 3.0 i386
References
- BugTraq: 1081