info
discussion
exploit
solution
references
Microsoft IIS Unicode Requests to WebDAV Multiple Authentication Bypass Vulnerabilities
References:
Answers to the IIS WebDAV authentication bypass questions
(Microsoft)
IIS 5 / IIS 5.1 / IIS 6 Webdav unicode - the bug that won't die ?
(Thierry Zoller)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass
(Nikolaos Rangos)
Microsoft IIS Homepage
(Microsoft)
More information about the IIS authentication bypass
(Microsoft Security Research & Defense)
UrlScan Security Tool
(Microsoft)
WebDAV Detection, Vulnerability Checking and Exploitation
(Ron Bowes)
New paper: Understanding Microsoft's KB971492 IIS WebDAV Vuln
(Steve Friedl
)
ASA-2009-215 MS09-020 Vulnerabilities in Internet Information Services (IIS)
(Avaya)
Microsoft Security Advisory (971492)
(Microsoft)
Microsoft Security Bulletin MS09-020 - Important
(Microsoft)
Vulnerability Note VU#787932 Microsoft IIS 6.0 WebDAV Remote Authentication Bypa
(US-CERT)
Privacy Statement
Copyright 2010, SecurityFocus
