[VIM] IIS WebDav Vulnerability CVE ID
Sandra Hill
sanhill at us.ibm.com
Wed Jun 10 17:39:44 UTC 2009
Hey Steve,
what about CVE-2009-1122? Is it a duplicate of CVE-2009-1535 also?
Sandra Hill
Security Analyst, X-Force Database Team
Direct: +1 (404) 236 3297
Mail: sanhill at us.ibm.com
Web: www.ibm.com / www.iss.net
"Steven M. Christey" <coley at linus.mitre.org>
Sent by: vim-bounces at attrition.org
06/10/2009 01:36 PM
Please respond to: Vulnerability Information Managers <vim at attrition.org>
To: Deapesh Misra <deapesh at gmail.com>
cc: vim at attrition.org
Subject: Re: [VIM] IIS WebDav Vulnerability CVE ID
Hi,
Just to confirm, these are duplicate IDs - they were assigned on the same
day, independently, by both MITRE and Microsoft.
Please use CVE-2009-1535; we're rejecting CVE-2009-1676. See below.
- Steve
======================================================
Name: CVE-2009-1535
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1535
Reference: FULLDISC:20090515 IIS6 + webdav and unicode rides again in 2009
Reference: URL:http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0135.html
Reference: FULLDISC:20090515 Re: IIS6 + webdav and unicode rides again in 2009
Reference: URL:http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0144.html
Reference: FULLDISC:20090515 Re: IIS6 + webdav and unicode rides again in 2009
Reference: URL:http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0139.html
Reference: MISC:http://archives.neohapsis.com/archives/fulldisclosure/2009-05/att-0135/IIS_Advisory.pdf
Reference: MISC:http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html
Reference: MISC:http://isc.sans.org/diary.html?n&storyid=6397
Reference: MISC:http://view.samurajdata.se/psview.php?id=023287d6&page=1
The WebDAV extension in Microsoft Internet Information Services (IIS)
5.1 and 6.0 allows remote attackers to bypass URI-based protection
mechanisms, and list folders or read, create, or modify files, via a
%c0%af (Unicode / character) at an arbitrary position in the URI, as
demonstrated by inserting %c0%af into a "/protected/" initial pathname
component to bypass the password protection on the protected\ folder,
aka "IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability."
======================================================
Name: CVE-2009-1676
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1676
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1535. Reason:
This candidate is a duplicate of CVE-2009-1535. Notes: All CVE users
should reference CVE-2009-1535 instead of this candidate. All
references and descriptions in this candidate have been removed to
prevent accidental usage.
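
Added example, not part of the original thread or of any CVE or vendor tooling: a defender-side check for the pattern the CVE-2009-1535 description names, flagging request URIs that carry overlong UTF-8 such as %c0%af. It generalizes beyond that two-byte case to three- and four-byte overlong forms; the "METHOD URI" log format and the sample lines are constructed for illustration.

```python
from urllib.parse import unquote_to_bytes

# Smallest code point that legitimately needs an n-byte UTF-8 sequence.
MIN_CP = {2: 0x80, 3: 0x800, 4: 0x10000}

def find_overlong(uri):
    """Return (byte_offset, hex_bytes, decoded_char) for each overlong
    UTF-8 sequence found after percent-decoding the URI once."""
    raw = unquote_to_bytes(uri)
    hits, i = [], 0
    while i < len(raw):
        b0 = raw[i]
        # Sequence length implied by the lead byte (1 = ASCII or invalid lead).
        n = (2 if b0 >> 5 == 0b110 else
             3 if b0 >> 4 == 0b1110 else
             4 if b0 >> 3 == 0b11110 else 1)
        tail = raw[i + 1:i + n]
        if n > 1 and len(tail) == n - 1 and all(b >> 6 == 0b10 for b in tail):
            cp = b0 & (0xFF >> (n + 1))          # payload bits of the lead byte
            for b in tail:
                cp = (cp << 6) | (b & 0x3F)      # six payload bits per continuation
            if cp < MIN_CP[n]:                   # shorter encoding exists: overlong
                hits.append((i, raw[i:i + n].hex(), chr(cp)))
            i += n
        else:
            i += 1
    return hits

# Constructed sample log lines ("METHOD URI"), not taken from a real server.
SAMPLE_LOG = """\
GET /public/index.html
PROPFIND /prot%c0%afected/
GET /caf%c3%a9/menu.html
GET /protected/report.txt
GET /prot%e0%80%afected/report.txt
"""

def scan(log_text):
    """Return (method, uri, hits) for every line whose URI has overlong UTF-8."""
    flagged = []
    for line in log_text.splitlines():
        method, uri = line.split()
        hits = find_overlong(uri)
        if hits:
            flagged.append((method, uri, hits))
    return flagged

if __name__ == "__main__":
    for method, uri, hits in scan(SAMPLE_LOG):
        print(method, uri, hits)
```

The check decodes percent-escapes only once, so a doubly encoded URI would need a second pass before scanning.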