Family: Web Servers --> Category: infos
/iisadmpwd/aexp2.htr Vulnerability Scan
Vulnerability Scan Summary
Acertains whether /iisadmpwd/aexp2.htr is present
Detailed Explanation for this Vulnerability Test
The file /iisadmpwd/aexp2.htr is present.
(or, aexp2b.htr, aexp3.htr, or aexp4.htr, search for aexp*.htr)
A possible hacker may use it in a brute force attack
to gain valid username/password.
A valid user may also use it to change his password
on a locked account.
Solution : Delete the file
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.