CVE-2010-2731
Microsoft IIS 5.1 on Windows XP SP3 - Directory Authentication Bypass via Crafted Request
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2010-2731.
PoCs published by Soroush Dalili, Soroush Dalili, sinn3r, including Metasploit module auxiliary/admin/http/iis_auth_bypass.
AI-analyzed exploit summary This exploit describes a directory authentication bypass vulnerability in IIS using Alternate Data Stream (ADS) to circumvent authentication methods. The technique involves appending ':$i30:$INDEX_ALLOCATION' to a directory name to access protected folders.
Description
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."
Exploits (2)
This exploit describes a directory authentication bypass vulnerability in IIS using Alternate Data Stream (ADS) to circumvent authentication methods. The technique involves appending ':$i30:$INDEX_ALLOCATION' to a directory name to access protected folders.
This Metasploit module exploits an authentication bypass vulnerability in Microsoft IIS 5 by appending an NTFS stream name to the directory path, allowing unauthorized access to protected resources.