CVE-2009-4444 - Unspecified vulnerability in Microsoft Internet Information Services 5.0/6.0
Attack vector | UNKNOWN |
Attack complexity | UNKNOWN |
Privileges required | UNKNOWN |
Confidentiality impact | UNKNOWN |
Integrity impact | UNKNOWN |
Availability impact | UNKNOWN |
Summary
Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file.
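The extension mismatch described in the summary, shown from the upload application's side as an added example (not code from the advisory or from any vendor). The allow-list and the function names are hypothetical, and `iis56_extension` models only the behaviour the summary states.

```python
import os
import secrets

# Hypothetical allow-list for an upload application (assumption, not from the page).
ALLOWED_EXTS = {".jpg", ".png", ".gif"}


def naive_extension(name):
    """Extension as a typical upload filter reads it: text after the last dot."""
    return os.path.splitext(name)[1].lower()


def iis56_extension(name):
    """Extension as the summary says IIS 5.x/6.x reads it: only the part of
    the filename before the first ';' is considered."""
    return os.path.splitext(name.split(";", 1)[0])[1].lower()


def audit(name):
    """Compare both views of one client-supplied filename."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]  # drop any path component
    naive, served = naive_extension(base), iis56_extension(base)
    return {"name": base, "filter_sees": naive, "iis_sees": served,
            "mismatch": naive != served}


def stored_name(name):
    """Return a server-generated name for an accepted upload, else None."""
    a = audit(name)
    if ";" in a["name"] or a["mismatch"] or a["iis_sees"] not in ALLOWED_EXTS:
        return None
    # Never reuse the client-supplied stem; keep only the validated extension.
    return secrets.token_hex(16) + a["iis_sees"]


if __name__ == "__main__":
    # Constructed sample names for illustration.
    for sample in ["photo.JPG", "x.asp;.jpg", "x.cer;y.png", "notes.asa", "a.jpg;.jpg"]:
        print(audit(sample), "->", stored_name(sample))
```

Storing uploads under a server-generated name means the client-supplied string never reaches the file system, so the two parsers have nothing to disagree about.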
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 2 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/93313/R7-0036.txt |
id | PACKETSTORM:93313 |
last seen | 2016-12-05 |
published | 2010-08-30 |
reporter | H D Moore |
source | https://packetstormsecurity.com/files/93313/Rapid7-Security-Advisory-36.html |
title | Rapid7 Security Advisory 36 |
References
- http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx
- http://secunia.com/advisories/37831
- http://securitytracker.com/id?1023387
- http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf
- http://www.securityfocus.com/bid/37460
- http://www.vupen.com/english/advisories/2009/3634