Microsoft IIS Authentication Method Enumeration

low Nessus Plugin ID 11871

Synopsis

The remote web server is affected by an information disclosure vulnerability.

Description

The remote host appears to be running a version of IIS which allows remote users to determine which authentication schemes are required for confidential web pages.

That is, by requesting valid web pages with purposely invalid credentials, you can ascertain whether or not a given authentication scheme is in use. This can be used for brute-force attacks against known user IDs.

Solution

If the application allows, disable in the IIS Properties interface any authentication methods that are not used.
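To verify the solution above, an administrator can compare the authentication schemes the server actually advertises against the set the site is meant to use. The following is an added audit example, not part of the Nessus plugin or of Tenable's code; it assumes an HTTP client that exposes response headers as (name, value) pairs and uses constructed sample 401 responses rather than live traffic.

```python
from typing import Iterable, List, Set, Tuple

# Constructed sample 401 responses (not captured from a real host), given as
# header lists the way an HTTP client library exposes them.
SAMPLE_IIS_401 = [
    ("Server", "Microsoft-IIS/10.0"),
    ("WWW-Authenticate", "Negotiate"),
    ("WWW-Authenticate", "NTLM"),
    ("WWW-Authenticate", 'Basic realm="intranet"'),
]

SAMPLE_HARDENED_401 = [
    ("Server", "Microsoft-IIS/10.0"),
    ("WWW-Authenticate", "Negotiate, NTLM"),
]


def _split_outside_quotes(value: str) -> List[str]:
    """Split a header value on commas that are not inside a quoted-string."""
    parts, buf, quoted = [], [], False
    for ch in value:
        if ch == '"':
            quoted = not quoted
        if ch == "," and not quoted:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))
    return [p.strip() for p in parts if p.strip()]


def parse_challenges(headers: Iterable[Tuple[str, str]]) -> List[str]:
    """Return the scheme names advertised in WWW-Authenticate headers.

    RFC 7235 allows several challenges in one header, separated by commas,
    and each challenge may itself carry comma-separated auth-params, so a
    piece whose first token is 'name=value' continues the previous challenge.
    """
    schemes = []
    for name, value in headers:
        if name.lower() != "www-authenticate":
            continue
        for piece in _split_outside_quotes(value):
            first = piece.split(None, 1)[0]
            if "=" in first:  # auth-param belonging to the preceding challenge
                continue
            schemes.append(first.lower())
    return schemes


def unexpected_schemes(headers: Iterable[Tuple[str, str]], allowed: Set[str]) -> List[str]:
    """Schemes the server advertises that the site policy does not allow."""
    allowed_lc = {a.lower() for a in allowed}
    return sorted(set(parse_challenges(headers)) - allowed_lc)


if __name__ == "__main__":
    policy = {"Negotiate", "NTLM"}  # assumed policy: Windows authentication only
    for label, hdrs in (("default", SAMPLE_IIS_401), ("hardened", SAMPLE_HARDENED_401)):
        print(label, parse_challenges(hdrs), "unexpected:", unexpected_schemes(hdrs, policy))
```

Any scheme reported as unexpected is one still enabled in IIS that the policy says should be disabled.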

See Also

https://marc.info/?l=bugtraq;m=101535399100534;w=2

Plugin Details

Severity: Low

ID: 11871

File Name: iis_auth_scheme.nasl

Version: 1.30

Type: remote

Family: Web Servers

Published: 10/8/2003

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Low

Base Score: 2.6

Temporal Score: 2

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:microsoft:iis

Required KB Items: Settings/ParanoidReport, www/iis

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 3/5/2002

Reference Information

CVE: CVE-2002-0419

BID: 4235