We are seeing this vulnerability reported. But, the information is not complete enough for me to verify and no references are giving. Can you help me with this?
Vulnerability Name: Microsoft IIS Tilde Character Information Disclosure Vulnerability Risk: Medium Hostname / IP Address: XX.XX.XX.XX Service(Port)/Protocol: general(0)/tcp Scan Date:
Category: Web servers Summary: The remote host has Microsoft IIS installed and prone to information disclosure vulnerability. Microsoft IIS fails to validate a specially crafted GET request having a '~' tilde character, which allows to disclose all short-names of folders and files having 4 letters extensions.
File/Folder name found on server starting with letter(s): aabbcc Impact: Successful exploitation will let the remote attackers to obtain sensitive information that could aid in further attacks. Solution: Test ID: 15257
Unfortunately there is no easy fix; the only workaround is: http://support.microsoft.com/kb/121007
Please try the following resources for more information:
http://www.exploit-db.com/exploits/19525 http://code.google.com/p/iis-shortname-scanner-poc http://soroush.secproject.com/downloadable/iis_tilde_shortname_disclosure.txt http://soroush.secproject.com/downloadable/microsoft_iis_tilde_character_vulnerability_feature.pdf