CVE-2009-4444 - Unspecified vulnerability in Microsoft Internet Information Services 5.0/6.0
Attack vector | NETWORK |
Attack complexity | MEDIUM |
Privileges required | SINGLE |
Confidentiality impact | PARTIAL |
Integrity impact | PARTIAL |
Availability impact | PARTIAL |
network
microsoft
Summary
Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file.
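The following upload-filename check is an added example for the upload-application side, not code from the advisory or from Microsoft. It models the parsing described in the summary next to a last-extension filter and rejects any name on which the two disagree. The allowed-extension policy, function names and sample filenames are assumptions constructed for illustration.

```python
import os
import uuid

# Extensions the summary lists as script-mapped on IIS 5.x/6.x.
SCRIPT_EXTS = {".asp", ".cer", ".asa"}
# Assumed upload policy for this example (not from the page).
ALLOWED_EXTS = {".jpg", ".png", ".gif"}


def naive_extension(filename):
    """Extension as a last-extension upload filter sees it."""
    return os.path.splitext(filename)[1].lower()


def iis_effective_extension(filename):
    """Model of the summary: only the part before the first ';' is used."""
    return os.path.splitext(filename.split(";", 1)[0])[1].lower()


def is_acceptable(filename):
    """Accept a client-supplied name only if no interpretation maps it to a script."""
    base = os.path.basename(filename.replace("\\", "/"))
    if base != filename or ";" in base:
        return False  # path components or the semicolon delimiter
    segments = {"." + s.lower() for s in base.split(".")[1:]}
    if segments & SCRIPT_EXTS:
        return False  # script extension anywhere in the name
    return naive_extension(base) in ALLOWED_EXTS


def stored_name(filename):
    """Store under a server-generated name; keep only the vetted extension."""
    if not is_acceptable(filename):
        raise ValueError("rejected upload name: %r" % filename)
    return uuid.uuid4().hex + naive_extension(filename)


if __name__ == "__main__":
    # Constructed sample names, not taken from any advisory.
    for name in ["photo.jpg", "report.asp;.jpg", "cert.cer;x.png", "a.asp.jpg"]:
        print(name, naive_extension(name), iis_effective_extension(name),
              is_acceptable(name))
```

Storing uploads outside any directory with script mappings, or with execute permission removed, covers the case where a name still slips past a filter.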
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 2 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/93313/R7-0036.txt |
id | PACKETSTORM:93313 |
last seen | 2016-12-05 |
published | 2010-08-30 |
reporter | H D Moore |
source | https://packetstormsecurity.com/files/93313/Rapid7-Security-Advisory-36.html |
title | Rapid7 Security Advisory 36 |
References
- http://blogs.technet.com/msrc/archive/2009/12/27/new-reports-of-a-vulnerability-in-iis.aspx
- http://secunia.com/advisories/37831
- http://securitytracker.com/id?1023387
- http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf
- http://www.securityfocus.com/bid/37460
- http://www.vupen.com/english/advisories/2009/3634