Intrusion Prevention

MS.IIS.Directory.Remote.Authentication.Bypass

Description

This indicates a possible attack against a Directory Authentication Bypass vulnerability in Microsoft Internet Information Services.
An attacker can exploit this by using an Alternate Data Stream to access files located in a directory that has IIS authentication protection.

Affected Products

Microsoft IIS 5.1 on Windows XP Service Pack 3

Impact

Authentication Bypass.

Recommended Actions

Apply the patch supplied by the vendor:
http://www.microsoft.com/technet/security/bulletin/ms10-065.mspx

CVE References

CVE-2010-2731