Microsoft IIS 5.0 - Authentication Bypass (MS10-065)
| EKU-ID: 20702 | CVE: OSVDB-66160;CVE-2010-2731;MS10-065 | OSVDB-ID: |
| Author: Soroush Dalili | Published: 2010-07-02 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 20702 | CVE: OSVDB-66160;CVE-2010-2731;MS10-065 | OSVDB-ID: |
| Author: Soroush Dalili | Published: 2010-07-02 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
MS10-065 - Directory Authentication Bypass Vulnerability Description: This vulnerability is because of using Alternate Data Stream to open a protected folder. All of IIS authentication methods can be circumvented. In this technique, we can add a “:$i30:$INDEX_ALLOCATION” to a directory name to bypass the authentication. Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/14179.pdf (IIS5.1_Authentication_Bypass.pdf)