Update Protection against Microsoft IIS Filename Extension Parsing Security Bypass Vulnerability
| Field | Value |
| --- | --- |
| Check Point Reference: | CPAI-2009-331 |
| Date Published: | |
| Severity: | |
| Source: | SecurityTracker Alert ID: 1023387 |
| Protection Provided by: | Security Gateway |
| Who is Vulnerable? | Microsoft Internet Information Services (IIS) 6 and prior versions |

Vulnerability Description
A security bypass vulnerability has been discovered in Microsoft Internet Information Services (IIS). IIS is a collection of Internet services packaged with several versions of the Windows operating system. A remote attacker could exploit this issue to upload a dangerous executable file onto the vulnerable server.

Vulnerability Details
The vulnerability is due to an error in the IIS service, which incorrectly parses filenames that contain a semicolon character when determining the MIME type from the filename extension. An attacker may exploit this issue by crafting an HTTP POST request that bypasses the web application's filename extension security filters. Successful exploitation would allow the attacker to upload an executable file with a non-executable extension onto the vulnerable server.
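The following is a defender-side check for the parsing behaviour described above, added here as an illustration; it is not Check Point's IPS signature or any product code. It extracts each uploaded filename from a multipart/form-data POST and flags a part when the name contains a semicolon or when the extension IIS 6 would actually act on (the text before the first `;`) is executable, even though the apparent extension after the last dot looks harmless. The executable-extension set, the sample request, the hostname and the filenames are all constructed for the example.

```python
import re

# Assumed set of extensions the server maps to script handlers (IIS 6 default
# script maps include .asp, .asa, .cer, .cdx and .aspx). Align this with the
# real handler mappings of the server being protected; it is an example value.
EXECUTABLE_EXTENSIONS = {"asp", "aspx", "asa", "cer", "cdx"}

# Matches the filename parameter of a multipart part's Content-Disposition header.
FILENAME_RE = re.compile(
    rb'content-disposition:[^\r\n]*?\bfilename="([^"\r\n]*)"', re.IGNORECASE
)


def _basename(name: str) -> str:
    """Strip any path component a client may send (some browsers send full paths)."""
    return name.replace("\\", "/").rsplit("/", 1)[-1]


def apparent_extension(filename: str) -> str:
    """Extension a naive allow-list filter sees: the suffix after the last dot."""
    name = _basename(filename)
    return name.rsplit(".", 1)[1].lower() if "." in name else ""


def effective_extension(filename: str) -> str:
    """Extension IIS 6 acts on: the advisory's parsing error means the name is
    effectively cut at the first ';', so only the text before it counts."""
    truncated = filename.split(";", 1)[0]
    return apparent_extension(truncated)


def classify_filename(filename: str) -> list:
    """Return the reasons this filename should be rejected (empty list = accept)."""
    reasons = []
    if ";" in filename:
        reasons.append("semicolon in filename")
    effective = effective_extension(filename)
    if effective in EXECUTABLE_EXTENSIONS:
        reasons.append("effective extension .%s is executable" % effective)
    return reasons


def scan_upload_request(raw_request: bytes) -> list:
    """Scan a raw HTTP POST body and return one finding per uploaded part."""
    findings = []
    for match in FILENAME_RE.finditer(raw_request):
        filename = match.group(1).decode("utf-8", "replace")
        reasons = classify_filename(filename)
        findings.append({
            "filename": filename,
            "apparent_extension": apparent_extension(filename),
            "effective_extension": effective_extension(filename),
            "verdict": "block" if reasons else "allow",
            "reasons": reasons,
        })
    return findings


# Constructed sample request: one benign image upload, one upload whose name
# reads as .jpg to a suffix filter but as .asp to IIS 6, and one name with a
# stray semicolon and a harmless effective extension.
SAMPLE_POST = (
    b"POST /upload.aspx HTTP/1.1\r\n"
    b"Host: iis.example.internal\r\n"
    b"Content-Type: multipart/form-data; boundary=----example\r\n"
    b"\r\n"
    b"------example\r\n"
    b'Content-Disposition: form-data; name="file"; filename="photo.jpg"\r\n'
    b"Content-Type: image/jpeg\r\n\r\n<constructed image bytes>\r\n"
    b"------example\r\n"
    b'Content-Disposition: form-data; name="file"; filename="page.asp;.jpg"\r\n'
    b"Content-Type: image/jpeg\r\n\r\n<constructed bytes>\r\n"
    b"------example\r\n"
    b'Content-Disposition: form-data; name="file"; filename="notes.txt;v2"\r\n'
    b"Content-Type: text/plain\r\n\r\nconstructed text\r\n"
    b"------example--\r\n"
)

if __name__ == "__main__":
    for finding in scan_upload_request(SAMPLE_POST):
        print(finding["verdict"], finding["filename"], finding["reasons"])
```

The point of computing both extensions is that the filter and the server disagree: an allow-list keyed on the suffix after the last dot accepts the second part, while the effective extension shows what IIS 6 would execute. Rejecting any filename containing a semicolon at the application layer removes the ambiguity entirely, and the same split logic can be applied to a proxy or IPS rule in front of an unpatched server.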
Protection Overview
This protection will detect and block HTTP requests attempting to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway/VPN-1 product to the latest SmartDefense/IPS update. For information on how to update SmartDefense/IPS, go to SBP-2006-05, open the Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.
Additional Information
Original Advisory