Vulnerability: iisPROTECT solution

IDefence security advisory has warned a vulnerability exists in iisPROTECT, a solution which provides password protection to web directories.The vulnerability allows an attacker to bypass the login authentication and file requests process by simply requesting the same file through different URL-encoded representations.

iisPROTECT has released version 2.2.0.9 to fix this vulnerability, as versions of the solution prior to 2.2 are affected.

The iDefence security advisory is available at: http://www.idefense.com/advisory/05.22.03.txt

Join the newsletter!

Or
Error: Please check your email address.

More about iDefense

Show Comments