Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: destructive_attack

ActivePerl perlIS.dll Buffer Overflow Vulnerability Scan

Vulnerability Scan Summary
Acertains if arbitrary commands can be executed thanks to ActivePerl's perlIS.dll

Detailed Explanation for this Vulnerability Test

A possible hacker can run arbitrary code on the remote computer.
This is because the remote IIS server is running a version of
ActivePerl prior to and has the Check that file
exists option disabled for the perlIS.dll.

Solution: Either upgrade to a version of ActivePerl more
recent than or enable the Check that file exists option.
To enable this option, open up the IIS MMC, right click on a (virtual)
directory in your web server, choose Properties,
click on the Configuration... button, highlight the .plx item,
click Edit, and then check Check that file exists.

More Information:

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.