UAE HACKERS.COM

United Arab Emirate's site for security news, latest security blog posts, security podcasts, hardware hacks and security related links.

Tuesday, May 19, 2009

Unicode on IIS Vulnerability...Again!

Yup, you read it right.... Microsoft has a new vulnerability in IIS 6.0 which is more specifically: WebDav Unicode Remote Auth Bypass.

This means that an attacker can send malformed requests to the web server via the URL of a browser and be able to bypass passwords to download and list files on the webserver's protected folders.

Simple and easy way to hack IIS! Here are the details and links:

http://www.cgisecurity.com/2009/05/iis60-webdav-unicode-remote-auth-bypass.html

http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html

http://www.theregister.co.uk/2009/05/18/iis6_file_pilfering_bug/

Happy Hacking :)
Posted by at
Labels: , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

NEWS FEEDS:

SecurityStreet:

Loading...

PandaLabs Blog

Loading...

Webroot Threat Blog

Loading...

Daily Infosec News

Loading...

HITBSecNews

Loading...

Naked Security - Sophos

Loading...

Taddong

Loading...

Zone-H.org News

Loading...

CGISecurity

Loading...

ArsTechnica:

Loading...

HACK A DAY

Loading...

Help Net Sec

Loading...

The Spanner

Loading...

Middle East Technology News

Loading...

CRIME

Loading...

Selil Blog

Loading...

HACKING IN THE NEWS

Loading...

Special Defacements

Loading...

The Certified Geek

Loading...

DoS Files ≈ Packet Storm

Loading...

E Hacking News

Loading...

Banned in UAE:

The following websites are blocked by ISPs in UAE.

News ≈ Packet Storm

Loading...

DARKNET

Loading...

MySecured.com

Loading...
Copyright © 2008-2009 UAE Hackers.com .
All rights reserved.