Skip to main content

Microsoft IIS Web Server Discloses Sensitive Information Vulnerability

Last Update Date: 10 Jul 2012 Release Date: 9 Jul 2012 5399 Views

RISK: High Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability has been identified in Microsoft IIS Web Server. which can be exploited by remote user to potentially sensitive information.

 
A remote user can supply a specially crafted request containing the tilde ('~') character to determine whether a matching file exists within the web directory on the target system without specifying the entire filename.
 
This can be exploited to determine filenames more rapidly than by brute force guessing individual characters of the filename. This can also be exploited to potentially bypass certain URL string based filtering if such filtering is used.
 
A remote user can supply a specially crafted request containing the tilde character and the '::$Index_Allocation' string to determine whether matching files exist within ostensibly protected directories within the web directory on the target system.
 
On systems running .Net, a remote user can supply a specially crafted request to cause the target system to make an excessive number of file system calls, which may temporarily affect system performance.

Impact

  • Information Disclosure

System / Technologies affected

  • Microsotf Internet Information Services 5.x
  • Microsotf Internet Information Services 6.x

Solutions

  • Vendor patch is currenly unavailable.

Vulnerability Identifier

  • No CVE information is available

Source


Related Link