Re: Re: IIS5.1 Directory Authentication Bypass by using ?:$I30:$Index_Allocation?

[steve.povolny () hp com]

There's not a lot in the way of information about IIS settings required to exploit this.  What I've gleaned so far is 
IIS 5.1, and a request to a directory using the :$i30:$INDEX_ALLOCATION in the request...Can't seem to replicate this 
though.  Are there any other settings that you are aware of for IIS?  Basic auth required?  I'd like to find a way to 
replicate this in our environment.  Thanks!