Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Windows : Microsoft Bulletins --> Category: infos

Vulnerability in Microsoft IIS using ASP Could Allow Remote Code Execution (917537) Vulnerability Scan

Vulnerability Scan Summary
Acertains if hotfix 917537 has been installed

Detailed Explanation for this Vulnerability Test

Synopsis :

It is possible to use the remote web server to exploit arbitrary code on the
remote host.

Description :

The remote host is running a version of Windows and IIS which is vulnerable
to a flaw which may allow a possible hacker who has the rights to upload
arbitrary ASP scripts to it to execute arbitrary code.

Specifically, the remote version of IIS is vulnerable to a flaw when parsing
specially crafted ASP files. By uploading a malicious ASP file on the remote
host, a possible hacker may be able to take the complete control of the remote

Solution :

Microsoft has released a set of patches for Windows 2000, XP and 2003:

Threat Level:

Medium / CVSS Base Score : 4.2

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.