United Arab Emirate's site for security news, latest security blog posts, security podcasts, hardware hacks and security related links.

Tuesday, May 19, 2009

Unicode on IIS Vulnerability...Again!

Yup, you read it right.... Microsoft has a new vulnerability in IIS 6.0 which is more specifically: WebDav Unicode Remote Auth Bypass.

This means that an attacker can send malformed requests to the web server via the URL of a browser and be able to bypass passwords to download and list files on the webserver's protected folders.

Simple and easy way to hack IIS! Here are the details and links:

http://www.cgisecurity.com/2009/05/iis60-webdav-unicode-remote-auth-bypass.html

http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html

http://www.theregister.co.uk/2009/05/18/iis6_file_pilfering_bug/

Happy Hacking :)

No comments:

NEWS FEEDS:

SecurityStreet:

PandaLabs Blog

Webroot Threat Blog

Daily Infosec News

HITBSecNews

Naked Security - Sophos

Taddong

Zone-H.org News

CGISecurity

ArsTechnica:

HACK A DAY

Help Net Sec

The Spanner

Middle East Technology News

Selil Blog

HACKING IN THE NEWS

Special Defacements

The Certified Geek

DoS Files ≈ Packet Storm

E Hacking News

Banned in UAE:

The following websites are blocked by ISPs in UAE.

News ≈ Packet Storm

DARKNET

MySecured.com

Copyright © 2008-2009 UAE Hackers.com .
All rights reserved.