Vulnerability: iisPROTECT solution

IDefence security advisory has warned a vulnerability exists in iisPROTECT, a solution which provides password protection to web directories.The vulnerability allows an attacker to bypass the login authentication and file requests process by simply requesting the same file through different URL-encoded representations.

iisPROTECT has released version to fix this vulnerability, as versions of the solution prior to 2.2 are affected.

The iDefence security advisory is available at:

Join the newsletter!

Error: Please check your email address.

More about iDefense

Show Comments