MS09-020 Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)
Important - Elevation of Privilege This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication. These vulnerabilities allow an attacker to bypass the IIS configuration that specifies which type of authentication is allowed, but not the file system-based access control list (ACL) check that verifies whether a file is accessible by a given user. Successful exploitation of these vulnerabilities would still restrict the attacker to the permissions granted to the anonymous user account by the file system ACLs.
Bulletin details at Microsoft.com
Bulletin details at Microsoft.com
Related CVE Entries
CVE-2009-1535
Public exploit
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as demonstrated by inserting %c0%af into a "/protected/" initial pathname component to bypass the password protection on the protected\ folder, aka "IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1122.
Max CVSS
7.5
EPSS Score
95.04%
Published
2009-06-10
Updated
2020-11-23
CVE-2009-1122
Public exploit
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1535.
Max CVSS
7.5
EPSS Score
8.52%
Published
2009-06-10
Updated
2020-11-23