|
Family: Windows : Microsoft Bulletins --> Category: infos
Cumulative Patch for Internet Information Services (Q327696) Vulnerability Scan
Vulnerability Scan Summary Acertains whether October 30, 2002 IIS Cumulative patches (Q327696) are installed
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code can be executed on the remote host through the web server.
Description :
The remote version of Windows contains multiple flaws in the Internet
Information Service (IIS) like Heap Overflow, DoS, XSS which may allow
a possible hacker to execute arbitrary code on the remote host with the SYSTEM
rights.
Solution :
Microsoft has released a set of patches for IIS 4.0, 5.0, 5.1 :
http://www.microsoft.com/technet/security/bulletin/ms02-062.mspx
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|