Microsoft IIS bdir.htr Arbitrary Directory Listing

Copyright (C) 2000-2014 John Lampe <j_lampe@bellsouth.net>


Synopsis :

The remote web server is affected by an information disclosure
vulnerability.

Description :

The file bdir.htr is a default IIS file which can give a malicious
user a lot of unnecessary information about your file system.
Specifically, the 'bdir.htr' script allows the user to browse and
create files on the hard drive. As this includes critical system files, it
is highly possible that the attacker will be able to use this script
to escalate privileges and gain 'Administrator' access.
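As an added defender-side illustration (not part of the plugin or this advisory), the following script flags requests for bdir.htr in IIS W3C extended log lines, so an administrator can tell whether the file was ever served (HTTP 200, the exposure described above) or merely probed for. The log lines and the /scripts/ path are constructed for the example; the advisory does not state where bdir.htr is installed.

```python
"""Flag requests for IIS's bdir.htr sample script in W3C extended log lines."""

# Constructed sample log in IIS W3C extended format. The URI paths are made
# up for this example; the advisory does not say where bdir.htr lives.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services
#Version: 1.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2000-03-01 10:15:02 192.0.2.10 GET /default.htm - 200
2000-03-01 10:15:09 192.0.2.77 GET /scripts/bdir.htr - 200
2000-03-01 10:15:11 192.0.2.77 GET /scripts/BDIR.HTR - 404
2000-03-01 10:15:20 192.0.2.5 GET /images/logo.gif - 200
"""


def parse_w3c(text):
    """Yield one dict per request, naming columns from the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#"):
            continue  # other directives (#Software, #Version, #Date) or blanks
        values = line.split()
        if fields is None or len(values) != len(fields):
            continue  # header not seen yet, or a malformed record
        yield dict(zip(fields, values))


def find_bdir_requests(text):
    """Return (client_ip, uri_stem, status) for every request for bdir.htr.

    Status 200 means the file is still present and was served, which is the
    information-disclosure condition the plugin reports. Any other status
    still shows a client probing for the file and is worth noting.
    """
    hits = []
    for rec in parse_w3c(text):
        stem = rec.get("cs-uri-stem", "")
        if stem.lower().endswith("/bdir.htr"):  # IIS paths are case-insensitive
            hits.append((rec["c-ip"], stem, int(rec["sc-status"])))
    return hits


if __name__ == "__main__":
    for client, uri, status in find_bdir_requests(SAMPLE_LOG):
        print(f"{client} requested {uri} -> HTTP {status}")
```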

Solution :

If you do not need these files, then delete them, otherwise use
suitable access control lists to ensure that the files are not
world-readable.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 5.0
(CVSS2#E:H/RL:U/RC:C)

Family: Web Servers

Nessus Plugin ID: 10577 (iis_bdir.nasl)

Bugtraq ID: 2280

CVE ID: