SecurityTracker.com
SecurityTracker Archives

Category:   Application (Web Server/CGI)  >   Microsoft Internet Information Server (IIS) Web Server Vendors:   Microsoft
Microsoft Internet Information Server WebDAV Input Validation Flaw Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1022240
SecurityTracker URL:  http://securitytracker.com/id/1022240
CVE Reference:   CVE-2009-1535   (Links to External Site)
Updated:  Jun 9 2009
Original Entry Date:  May 18 2009
Impact:   Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 5.0, 5.1, 6.0
Description:   A vulnerability was reported in Microsoft Internet Information Server (IIS) Web Server. A remote user can execute arbitrary code on the target system.

A remote user can send a WebDAV request carrying a 'Translate: f' header whose URL contains specially crafted Unicode characters (overlong UTF-8 sequences). The WebDAV extension in IIS does not validate these sequences consistently: the path used for the authorization check differs from the path that is ultimately resolved, so the request bypasses the authentication configured on the target folder.

This vulnerability can be exploited to read files from password-protected WebDAV folders and, in certain cases, to upload arbitrary code to the target system and then have the web service execute it. In the default configuration the anonymous "IUSR" account does not have write privileges and cannot upload files, so code execution requires a folder that is writable by the anonymous user.
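As an added example (not part of this SecurityTracker entry and not Microsoft's code), the script below shows why the crafted Unicode in the URL matters and how to hunt for it in IIS W3C logs: it flags overlong UTF-8 sequences in cs-uri-stem and shows the path that a lenient decoder resolves them to, beside the strict decoding that rejects them. The specific sequence %c0%af (an overlong encoding of '/') is taken from the public advisory for this issue rather than from this page; the log lines, client addresses and file names are constructed. Default W3C logging does not record the Translate header, so the URI is the searchable artifact.

```python
"""Hunt for overlong UTF-8 in IIS W3C logs and show how such a path resolves.

Added illustration for the IIS WebDAV authentication bypass (CVE-2009-1535).
The %c0%af sequence comes from the public advisory; log data is constructed.
"""
import posixpath
from urllib.parse import unquote_to_bytes

# Constructed sample in IIS W3C extended format (not a real server log).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2009-05-18 10:01:02 203.0.113.5 GET /protected/secret.zip - 401
2009-05-18 10:01:09 203.0.113.5 GET /..%c0%af/protected/secret.zip - 200
2009-05-18 10:02:00 198.51.100.7 GET /public/index.html - 200
2009-05-18 10:02:30 203.0.113.5 PUT /..%c0%af/protected/cmd.asp - 201
2009-05-18 10:03:00 198.51.100.9 GET /caf%C3%A9/menu.html - 200
"""


def find_overlong(raw_path):
    """Return (offset, bytes) for each overlong UTF-8 sequence in the
    percent-decoded path. An overlong form spends more bytes than the
    code point needs; strict decoders reject it, lenient ones accept it."""
    data = unquote_to_bytes(raw_path)
    hits, i = [], 0
    while i < len(data):
        b = data[i]
        nxt = data[i + 1] if i + 1 < len(data) else None
        if b < 0xC0:                       # ASCII or stray continuation byte
            i += 1
        elif b in (0xC0, 0xC1):            # 2-byte form always overlong
            hits.append((i, bytes(data[i:i + 2])))
            i += 2
        elif b == 0xE0 and nxt is not None and nxt < 0xA0:   # 3-byte overlong
            hits.append((i, bytes(data[i:i + 3])))
            i += 3
        elif b == 0xF0 and nxt is not None and nxt < 0x90:   # 4-byte overlong
            hits.append((i, bytes(data[i:i + 4])))
            i += 4
        else:                              # well-formed lead: skip sequence
            i += 2 if b < 0xE0 else 3 if b < 0xF0 else 4
    return hits


def lenient_path(raw_path):
    """Decode as a lenient parser would: map the 2-byte overlong form to the
    ASCII byte it wraps (%c0%af -> '/'), then collapse '..' segments. This is
    the view the file system ends up with, unlike the raw string the
    authorization check saw."""
    data = unquote_to_bytes(raw_path)
    out, i = bytearray(), 0
    while i < len(data):
        b = data[i]
        if b in (0xC0, 0xC1) and i + 1 < len(data) and 0x80 <= data[i + 1] <= 0xBF:
            out.append(((b & 0x1F) << 6) | (data[i + 1] & 0x3F))
            i += 2
        else:
            out.append(b)
            i += 1
    return posixpath.normpath(out.decode("utf-8", errors="replace"))


def strict_path(raw_path):
    """Strict UTF-8 decoding rejects overlong forms; returns None in that case."""
    try:
        return posixpath.normpath(unquote_to_bytes(raw_path).decode("utf-8"))
    except UnicodeDecodeError:
        return None


def scan_log(text):
    """Parse W3C extended log text and report requests whose URI path
    contains an overlong UTF-8 sequence, with the path it resolves to."""
    fields, findings = None, []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        row = dict(zip(fields, line.split()))
        hits = find_overlong(row["cs-uri-stem"])
        if hits:
            findings.append({
                "client": row["c-ip"],
                "method": row["cs-method"],
                "raw": row["cs-uri-stem"],
                "resolves_to": lenient_path(row["cs-uri-stem"]),
                "status": row["sc-status"],
                "sequences": [h.hex() for _, h in hits],
            })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['client']} {f['method']} {f['raw']} -> {f['resolves_to']} "
              f"(status {f['status']}, overlong {f['sequences']})")
```

A PUT that resolves under a protected folder and returns 201 is the case the description warns about: a write-enabled folder lets the bypass turn into code upload, so treat such hits as higher priority than GETs.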

Kingcope reported this vulnerability.

Impact:   A remote user can bypass authentication to access password-protected folders on the target system. This can be exploited to upload and then execute arbitrary code.
Solution:   The vendor has issued the following fixes:

Microsoft Windows 2000 Service Pack 4, Microsoft Internet Information Services 5.0:

http://www.microsoft.com/downloads/details.aspx?familyid=8515a294-4f25-4dc5-860a-e7ad9b6c1c01

Windows XP Professional Service Pack 2 and Windows XP Professional Service Pack 3, Microsoft Internet Information Services 5.1:

http://www.microsoft.com/downloads/details.aspx?familyid=97da589f-4534-42f6-9f29-967b5a33c542

Windows XP Professional x64 Edition Service Pack 2, Microsoft Internet Information Services 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=8982e6d2-e1f7-4208-88e3-80b159a8e21a

Windows Server 2003 Service Pack 2, Microsoft Internet Information Services 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=2bd4e410-dbd8-431a-b316-e1e2f1825c3a

Windows Server 2003 x64 Edition Service Pack 2, Microsoft Internet Information Services 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=ea363223-535d-4142-9aba-3890960c6259

Windows Server 2003 with SP2 for Itanium-based Systems, Microsoft Internet Information Services 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=e6b806eb-e2c4-4436-8964-720db593055d

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms09-020.mspx

The vendor's original advisory is available at:

http://www.microsoft.com/technet/security/advisory/971492.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms09-020.mspx (Links to External Site)
Cause:   Input validation error
Underlying OS:  Windows (Any)

Message History:   None.


Source Message Contents

[Original Message Not Available for Viewing]

Copyright 2019, SecurityGlobal.net LLC