Vulnerability Details : CVE-2009-1122
Public exploit exists!
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1535.
Vulnerability category: BypassGain privilege
Products affected by CVE-2009-1122
- cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-1122
21.16%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2009-1122
-
MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner
First seen: 2020-04-26auxiliary/scanner/http/dir_webdav_unicode_bypassThis module is based on et's HTTP Directory Scanner module, with one exception. Where authentication is required, it attempts to bypass authentication using the WebDAV IIS6 Unicode vulnerability discovered by Kingcope. The vulnerability appears to be exploitable -
MS09-020 IIS6 WebDAV Unicode Authentication Bypass
First seen: 2020-04-26auxiliary/scanner/http/ms09_020_webdav_unicode_bypassThis module attempts to to bypass authentication using the WebDAV IIS6 Unicode vulnerability discovered by Kingcope. The vulnerability appears to be exploitable where WebDAV is enabled on the IIS6 server, and any protected folder requires either Basic, Digest or NTLM
CVSS scores for CVE-2009-1122
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2009-1122
-
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-1122
-
http://www.securityfocus.com/bid/35232
Third Party Advisory;VDB Entry
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5861
Third Party Advisory
-
http://www.securitytracker.com/id?1022358
Third Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2009/1539
Third Party Advisory
-
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
Page Not Found | CISAThird Party Advisory;US Government Resource
-
http://www.attrition.org/pipermail/vim/2009-June/002192.html
Third Party Advisory
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-020
Patch;Vendor Advisory
Jump to