CERBERUS/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-05-13 16:57:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add links to some other sources of information on the vulnerability and this script

Browse source
This commit is contained in:
fyodor 2009-05-22 19:59:07 +00:00
parent bfd3c5b3df
commit d971be11a8
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
scripts/http-iis-webdav-vuln.nse
View file

@ -4,6 +4,13 @@ Checks for a vulnerability in IIS 5.1/6.0 that allows arbitrary users to access
A list of well known folders (almost 900) is used by default. Each one is checked, and if returns an authentication request (401), another attempt is tried with the malicious encoding. If that attempt returns a successful result (207), then the folder is marked as vulnerable.
This script is based on the Metasploit modules/auxiliary/scanner/http/wmap_dir_webdav_unicode_bypass.rb auxiliary module.
For more information on this vulnerability and script, see:
* http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html
* http://seclists.org/fulldisclosure/2009/May/att-0134/IIS_Advisory_pdf
* http://www.skullsecurity.org/blog/?p=271
* http://www.kb.cert.org/vuls/id/787932
* http://www.microsoft.com/technet/security/advisory/971492.mspx
]]
---