|
Family: CGI abuses --> Category: infos
IIS possible DoS using ExAir's advsearch Vulnerability Scan
Vulnerability Scan Summary Acertains the presence of an ExAir ASP
Detailed Explanation for this Vulnerability Test
IIS comes with the sample site 'ExAir'. Unfortunately,
one of its pages, namely /iissamples/exair/search/advsearch.asp, may
be used to make IIS hang, thus preventing it from answering legitimate
client requests.
Solution : Delete the 'ExAir' sample IIS site.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|