Family: Web Servers --> Category: infos
IIS Service Pack - 404 Vulnerability Scan
Vulnerability Scan Summary
IIS Service Pack Check
Detailed Explanation for this Vulnerability Test
The remote web server is running Microsoft IIS.
The Patch level (Service Pack) of the remote IIS server appears to be
lower than the current IIS service pack level. As each service pack
typically contains many security patches, the server may be at risk.
Note that this test makes assumptions of the remote patch level based
on static return values (Content-Length) within a IIS Server's 404
error message. As such, the test can not be totally reliable and
should be manually confirmed.
Note also that, to acertain IIS6 patch levels, a simple test is done
based on strict RFC 2616 compliance. It appears as if IIS6-SP1 will
accept CR as an end-of-line marker instead of both CR and LF.
Ensure that the server is running the latest stable Service Pack.
Click HERE for more information and discussions on this network vulnerability scan.