Family: Windows : Microsoft Bulletins --> Category: infos
Vulnerability in Microsoft IIS using ASP Could Allow Remote Code Execution (917537) Vulnerability Scan
Vulnerability Scan Summary
Acertains if hotfix 917537 has been installed
Detailed Explanation for this Vulnerability Test
It is possible to use the remote web server to exploit arbitrary code on the
The remote host is running a version of Windows and IIS which is vulnerable
to a flaw which may allow a possible hacker who has the rights to upload
arbitrary ASP scripts to it to execute arbitrary code.
Specifically, the remote version of IIS is vulnerable to a flaw when parsing
specially crafted ASP files. By uploading a malicious ASP file on the remote
host, a possible hacker may be able to take the complete control of the remote
Microsoft has released a set of patches for Windows 2000, XP and 2003:
Medium / CVSS Base Score : 4.2
Click HERE for more information and discussions on this network vulnerability scan.