Microsoft IIS Authentication Bypass And Source Code Disclosure Vulnerabilities Network Vulnerability

Summary

Microsoft IIS is prone to an authentication-bypass vulnerability and a source-code disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to gain unauthorized access to password-protected resources and view the source code of files in the context of the server process this may aid in further attacks. Microsoft IIS 6.0 and 7.5 are vulnerable other versions may also be affected.

References

http://www.microsoft.com/windowsserver2003/iis/default.mspx
http://www.securityfocus.com/bid/53906

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Aspen Sever Directory Traversal Vulnerability
Acritum Femitter Server 1.03 Multiple Remote Vulnerabilities
Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
CUPS Information Disclosure Vulnerability
Apache Tomcat Request Object Security Bypass Vulnerability (Win)

Microsoft IIS Authentication Bypass and Source Code Disclosure Vulnerabilities

Take action and discover your vulnerabilities