Microsoft IIS 5.1 Alternate Data Stream Authentication Bypass Vulnerability

Microsoft Internet Information Services (IIS) is prone to an authentication-bypass vulnerability because it fails to properly enforce access restrictions on certain requests to a site that requires authentication.

An attacker can exploit this issue to gain unauthorized access to protected resources, which may lead to other attacks.

This issue affects IIS 5.1; other 5.x versions may also be affected.

Please note that this issue does not affect versions 6.x and 7.x.


Privacy Statement
Copyright 2010, SecurityFocus