Check For IIS .cnf File Leakage Network Vulnerability

Summary

The IIS web server may allow remote users to read sensitive information from .cnf files. This is not the default configuration. Example, http://target/_vti_pvt%5csvcacl.cnf, access.cnf, svcacl.cnf, writeto.cnf, service.cnf, botinfs.cnf, bots.cnf, linkinfo.cnf and services.cnf

Solution

If you do not need .cnf files, then delete them, otherwise use suitable access control lists to ensure that the .cnf files are not world-readable by Anonymous users.

References

http://www.safehack.com/Advisory/IIS5webdir.txt

Updated on 2015-03-25

Severity

Classification

CVE CVE-2002-1717

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache UserDir Sensitive Information Disclosure
IMail account hijack
IBM Rational Quality Manager and Rational Test Lab Manager Tomcat Default Account Vulnerability
F*EX (Frams's Fast File EXchange) Multiple XSS Vulnerabilities
IIS Service Pack - 404

Check for IIS .cnf file leakage

Take action and discover your vulnerabilities