Add links to some other sources of information on the vulnerability and this script

2025-12-07 13:11:28 +00:00 · 2009-05-22 19:59:07 +00:00
parent bfd3c5b3df
commit d971be11a8
1 changed files with 7 additions and 0 deletions
--- a/scripts/http-iis-webdav-vuln.nse
+++ b/scripts/http-iis-webdav-vuln.nse
@@ -4,6 +4,13 @@ Checks for a vulnerability in IIS 5.1/6.0 that allows arbitrary users to access
 A list of well known folders (almost 900) is used by default. Each one is checked, and if returns an authentication request (401), another attempt is tried with the malicious encoding. If that attempt returns a successful result (207), then the folder is marked as vulnerable.

 This script is based on the Metasploit modules/auxiliary/scanner/http/wmap_dir_webdav_unicode_bypass.rb auxiliary module.
+
+For more information on this vulnerability and script, see:
+* http://blog.zoller.lu/2009/05/iis-6-webdac-auth-bypass-and-data.html
+* http://seclists.org/fulldisclosure/2009/May/att-0134/IIS_Advisory_pdf
+* http://www.skullsecurity.org/blog/?p=271
+* http://www.kb.cert.org/vuls/id/787932
+* http://www.microsoft.com/technet/security/advisory/971492.mspx
 ]]

 ---