CVE-1999-0450 and using ISAPI

1 reply

Last post May 12, 2017 03:02 PM by Rovastar

  • CVE-1999-0450 and using ISAPI

    May 12, 2017 12:47 PM|jwarner777

    Greetings everyone,

    I have a question about security scanners and CVE-1999-0450. The accepted fix on the internet seems to be the following:

    IISAPI mappings Edit -> Request Restrictions. - Check Invoke Handler only if request is mapped to FILE.

    I have done this for all ISAPI modules but running the security scanner still shows this vulnerability. Does anyone have an idea what I am missing? It doesn't pass the path for HTTP requests but still seems to pass them for HTTPS requests if I use the same URL with HTTPS.

    Running HTTPS service
    Product IIS exists -- Microsoft IIS 7.5
    HTTP GET request to https://xx.xx.xxx.xx/scripts/non-existant-script-name.idq
    70: </div>
    71: <div id="details-right">
    72: <table border="0" cellpadding="0" cellspacing="0">
    73: <tr class="alt"><th>Requested URL</th><td>https://xx.xx.xxx.xx:...
    74: ... Path</th><td>C:\inetpub\wwwroot\scripts\non-existant-script-name

    Any help is much appreciated

  • Rovastar

    Re: CVE-1999-0450 and using ISAPI

    May 12, 2017 03:02 PM|Rovastar

    Is this even a valid exploit on IIS 7.5? The CVE is for IIS versions 2 to 5 and from 1999, and is this just for Perl?

    I would get more details from your security scanner software. With some of these the number of false positives is huge, and often the people making the app don't seem to care.

    Troubleshoot IIS in style
    https://www.leansentry.com/
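
An added example (not part of the thread, and not the scanner's own logic): a Python check to run over saved response bodies from the HTTP and HTTPS bindings, showing which one actually contains a local filesystem path, the condition the scanner output in the question flags. The sample bodies, the file name missing.idq and the function names are constructed for illustration.

```python
import html
import re

# Windows absolute path: a single drive letter, colon, backslash, then segments.
# The look-behind stops text such as "https:\\host" matching as drive "s:".
_WIN_PATH = re.compile(
    r'(?<![A-Za-z])[A-Za-z]:\\[^\\/:*?"<>|\r\n]+(?:\\[^\\/:*?"<>|\r\n]+)*')
_TAG = re.compile(r'<[^>]+>')


def find_disclosed_paths(body: str) -> list[str]:
    """Return the local filesystem paths that appear in a response body."""
    # Replace markup with newlines so a table cell ends the match, then
    # decode entities so an encoded backslash (&#92;) is still detected.
    text = html.unescape(_TAG.sub('\n', body))
    found = []
    for match in _WIN_PATH.finditer(text):
        path = match.group(0).rstrip(' .')
        if path not in found:
            found.append(path)
    return found


def leaking_bindings(bodies: dict[str, str]) -> dict[str, list[str]]:
    """Map each binding name to the paths its body leaks; clean ones are omitted."""
    return {name: paths for name, body in bodies.items()
            if (paths := find_disclosed_paths(body))}


# Constructed sample bodies (not captured from a real server).
HTTP_BODY = '<html><body><h1>404 - File or directory not found.</h1></body></html>'
HTTPS_BODY = r'''<div id="details-right">
<table border="0" cellpadding="0" cellspacing="0">
<tr class="alt"><th>Requested URL</th><td>https://xx.xx.xxx.xx/scripts/missing.idq</td></tr>
<tr><th>Path</th><td>C:\inetpub\wwwroot\scripts\missing.idq</td></tr>
</table></div>'''

if __name__ == '__main__':
    for name, paths in leaking_bindings({'http': HTTP_BODY, 'https': HTTPS_BODY}).items():
        print(f'{name}: response discloses {paths}')
```

An empty result for a binding means its response body contains no local path, which is the evidence to put against a suspected false positive.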