Microsoft IIS Directory Traversal Vulnerability
Publish Date: 23 juin 2016
Gravité: : Élevé
Description
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1000128
Trend Micro Deep Security DPI Rule Name: 1000128 - HTTP Protocol Decoding
Affected software and version:
- Microsoft IIS 4.0
- Microsoft IIS 5.0