cbcvebase.
CVE-2010-2731
published 2010-09-15

Priority P357 · medium · CVSS 2.0: 6.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 31.12% (98.0th percentile)

Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."

Detection & IOCs (extracted from sources)

url: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/14179.pdf
  • Detect HTTP requests containing the NTFS Alternate Data Stream suffix ':$i30:$INDEX_ALLOCATION' appended to a directory name in the URI path, which is the bypass technique for IIS Basic Authentication.
  • Monitor IIS 5.1 on Windows XP SP3 for unauthenticated execution of ASP files in Basic Authentication-protected directories, particularly via crafted requests using NTFS stream names.
  • The vulnerability only affects IIS 5.1 on Windows XP SP3 when directory-based Basic Authentication is specifically enabled; other authentication configurations are not confirmed vulnerable by this CVE.
  • The Metasploit module targets IIS 5 specifically via NTFS stream name appended to directory names; the bypass technique leverages Alternate Data Streams, so NTFS filesystem is a prerequisite.
  • All IIS authentication methods are claimed to be bypassable with this technique, not just Basic Authentication, according to the exploit-db write-up.
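
A log check for the first two bullets, as an added example rather than code from this page or its sources: it scans IIS W3C extended log lines for the stream suffix in `cs-uri-stem`, including percent-encoded forms. The sample log, its paths and the `unauthenticated_success` flag are constructed for illustration, and the log is assumed to record the `c-ip`, `cs-username`, `cs-uri-stem` and `sc-status` fields.

```python
import re
from urllib.parse import unquote

# Suffix named on the page; NTFS names are case-insensitive, so match that way.
ADS_SUFFIX = re.compile(r":\$i30:\$index_allocation", re.IGNORECASE)

def decode_path(raw, max_rounds=3):
    """Percent-decode repeatedly (bounded) so %24 and %253A forms are normalised."""
    for _ in range(max_rounds):
        decoded = unquote(raw)
        if decoded == raw:
            break
        raw = decoded
    return raw

def find_ads_requests(log_lines):
    """Return one dict per W3C log entry whose URI path carries the suffix."""
    fields, hits = [], []
    for line in log_lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            # The directive names the columns of the entries that follow.
            fields = line[len("#Fields:"):].split()
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        path = decode_path(row.get("cs-uri-stem", ""))
        if not ADS_SUFFIX.search(path):
            continue
        status = row.get("sc-status", "")
        hits.append({
            "client": row.get("c-ip", "-"), "status": status,
            "path": path,
            # 200 with no logged user is the outcome to escalate; else an attempt.
            "unauthenticated_success":
                status == "200" and row.get("cs-username", "-") == "-",
        })
    return hits

# Constructed sample log (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2010-09-20 10:01:02 192.0.2.10 - GET /secure/report.asp 401
2010-09-20 10:01:05 192.0.2.10 - GET /secure:$i30:$INDEX_ALLOCATION/report.asp 200
2010-09-20 10:02:11 198.51.100.7 - GET /secure%3A%24I30%3A%24index_allocation/report.asp 404
2010-09-20 10:03:40 192.0.2.44 alice GET /secure/report.asp 200
""".splitlines()

if __name__ == "__main__":
    print(*find_ads_requests(SAMPLE_LOG), sep="\n")
```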