Short Name |
HTTP:IIS:WEBDAV:REQ-DISCLO |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
IIS WebDAV Request Source Code Disclosure |
Release Date |
2010/10/07 |
Update Number |
1787 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Microsoft IIS Webdav. Attackers can use this vulnerability to disclose information.
Microsoft IIS is reportedly affected by a remote script source disclosure vulnerability. A successful attack causes the Web server to present the requested file as a plain text file and subsequently disclosing the source. It should be noted that this issue only presents itself when the requested files are stored on a FAT or FAT32 volume and does not arise if the script files are stored on a NTFS volume. Microsoft IIS 5.1 is vulnerable to this issue.