P
PradeepSharma
Symptoms :
The security scan tools show that Microsoft Internet Information Server (IIS) suffers from a vulnerability which allows the detection of short names of files and directories which have an equivalent in the 8.3 version of the file naming scheme. By crafting specific requests containing the tilde '~' character, an attacker could leverage this vulnerability to find files or directories that are normally not visible and gain access to sensitive information. Given the underlying filesystem calls generated by the remote server, the attacker could also attempt a denial of service on the target application.
Cause:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem\NtfsDisable8dot3NameCreation was not set as 1
Solution:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem
More Information:
The Default Value of "NtfsDisable8dot3NameCreation" can have the following values:
0: Enables 8dot3 name creation for all volumes on the system.
1: Disables 8dot3 name creation for all volumes on the system.
2: Sets 8dot3 name creation on a per volume basis.
3: Disables 8dot3 name creation for all volumes except the system
Continue reading...
The security scan tools show that Microsoft Internet Information Server (IIS) suffers from a vulnerability which allows the detection of short names of files and directories which have an equivalent in the 8.3 version of the file naming scheme. By crafting specific requests containing the tilde '~' character, an attacker could leverage this vulnerability to find files or directories that are normally not visible and gain access to sensitive information. Given the underlying filesystem calls generated by the remote server, the attacker could also attempt a denial of service on the target application.
Cause:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem\NtfsDisable8dot3NameCreation was not set as 1
Solution:
- Open registry editor
- Navigate to below registry
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem
- Right-click NtfsDisable8dot3NameCreation, and then click Modify.
- In the Value data box, type 1, and then click OK.
More Information:
The Default Value of "NtfsDisable8dot3NameCreation" can have the following values:
0: Enables 8dot3 name creation for all volumes on the system.
1: Disables 8dot3 name creation for all volumes on the system.
2: Sets 8dot3 name creation on a per volume basis.
3: Disables 8dot3 name creation for all volumes except the system
Continue reading...