A vulnerability exists in the way Microsoft Internet Information Server (IIS) handles unicode tokens that may allow authentication bypass.
Web-based Distributed Authoring and Versioning (WebDAV) is a set of HTTP extensions that allow collaborative management and editing of files collected on remote servers. The way that Microsoft IIS's implementation of WebDAV handles unicode tokens may allow authentication bypass. According to Nikolaos Rangos:
The specific flaw exists within the WebDAV functionality of IIS 6.0. The Web Server fails to properly handle unicode tokens when parsing the URI and sending back data.
A remote attacker may be able to bypass the access restrictions and list, download, upload and modify protected files.
We are currently unaware of a practical solution to this problem. Please consider the following workarounds:
|Temporal||0||E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)|
|Environmental||0||CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)|
This vulnerability was publicly disclosed by Nikolaos Rangos.
This document was written by Chris Taschner.
|Date First Published:||2009-05-19|
|Date Last Updated:||2009-05-20 20:59 UTC|