Microsoft IIS directory enumeration

Description

Cytrix has detected the Microsoft IIS directory enumeration vulnerability.
By using the tilde character (“~”) in a GET or OPTIONS requests, it allows “guessing” short names and extensions of files and directories which have an 8.3 file naming scheme equivalent in Windows versions of Microsoft IIS.

Such vulnerability may lead to an issue especially for .Net based websites which are vulnerable to direct URL access (also known as path aliasing).
An attacker could find important files and folders that are not supposed to be accessible (and visible) to everyone.

Severity/Score

CVSS Version 3.x – 6.5 Medium

Recommendation

To prevent this vulnerability, make sure to discard all web requests that are using the tilde character (“~”).
Also, add a registry key named :  
NtfsDisable8dot3NameCreation
to
HKLM\SYSTEM\CurrentControlSet\Control\FileSystem

Set the value of the key to 1 to mitigate all 8.3 name related conventions found on the server.

References

https://social.msdn.microsoft.com/Forums/en-US/3772293e-b91c-42e6-8516-9bf6184238b6/directory-enumeration-possible-on-web-server?forum=iissecurity

https://cwe.mitre.org/data/definitions/20.html

< Return to all Vulnerabilities

Servers 101

Let’s have a “quick” Servers 101 Course. Courtesy of Cytrix! If you’ve been on the internet for over an hour, you probably already heard of

Read More »

Crossing Scripts – XSS

Injections. SQL Injections. Cross-site Scripting (hence the amazing title “Crossing Scripts – XSS”). There all sorts of Injection-Based attacks, if you want to read about

Read More »

What is Kayran

Cytrix scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 30,000+ vulnerabilities.Cytrix’s mission is to make

Read More »