Severity: : Medium
  CVE Kennungen: : MS10-065,CVE-2010-2731
  Advisory Date: 31 maja 2016

  DESCRIPTION

Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1004399
  Trend Micro Deep Security DPI Rule Name: 1004399 - Directory Authentication Bypass Vulnerability

  AFFECTED SOFTWARE AND VERSION:

  • microsoft iis 5.1