Gravité: : Élevé
  Identifiant(s) CVE: : CVE-2009-1535,MS09-020
  Date du conseil: 21 juillet 2015

  Description

The WebDAV extension in Microsoft Internet Information Services (IIS) allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files.

  Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

  Solutions

  Trend Micro Deep Security DPI Rule Number: 1003508
  Trend Micro Deep Security DPI Rule Name: 1003508 - Microsoft IIS Unicode Requests To WebDAV Authentication Bypass Vulnerability

  Affected software and version:

  • microsoft iis 5.0
  • microsoft iis 5.1
  • microsoft iis 6.0