This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote web server is affected by an authentication bypass
The version of Microsoft IIS installed on the remote host is affected
by an authentication bypass vulnerability. It is possible to access
PHP files in protected web directories without authentication by
appending '::$INDEX_ALLOCATION' to the directory name.
See also :
There is no known solution at this time.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 7.1
Public Exploit Available : true
Family: CGI abuses
Nessus Plugin ID: 59817 ()
Bugtraq ID: 53906