Microsoft IIS Directory Traversal Vulnerability
Publish Date: 23 de июня de 2016
Severity: : High
DESCRIPTION
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1000128
Trend Micro Deep Security DPI Rule Name: 1000128 - HTTP Protocol Decoding
AFFECTED SOFTWARE AND VERSION:
- Microsoft IIS 4.0
- Microsoft IIS 5.0