|
Family: Web Servers --> Category: denial
nsiislog.dll DoS Vulnerability Scan
Vulnerability Scan Summary Acertains the presence of nsiislog.dll
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code can be executed on the remote host
Description :
Some versions of IIS shipped with a default file, nsiislog.dll,
within the /scripts directory. Nessus has acertaind that the
remote host has the file installed.
The NSIISLOG.dll CGI may allow a possible hacker to execute
arbitrary commands on this host, through a buffer overflow.
Solution :
http://www.microsoft.com/technet/security/bulletin/ms03-022.mspx
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|