ID de Prueba:	1.3.6.1.4.1.25623.1.0.10811
Categoría:	Web application abuses
Título:	ActivePerl perlIS.dll Buffer Overflow Vulnerability - Active Check
Resumen:	An attacker can run arbitrary code on the remote computer.;; This is because the remote IIS server is running a version of ActivePerl prior to 5.6.1.630; and has the Check that file exists option disabled for the perlIS.dll.
Descripción:	Summary: An attacker can run arbitrary code on the remote computer. This is because the remote IIS server is running a version of ActivePerl prior to 5.6.1.630 and has the Check that file exists option disabled for the perlIS.dll. Solution: Either upgrade to a version of ActivePerl more recent than 5.6.1.629 or enable the 'Check that file exists' option. To enable this option, open up the IIS MMC, right click on a (virtual) directory in your web server, choose Properties, click on the Configuration... button, highlight the .plx item, click Edit, and then check/enable the 'Check that file exists' option. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2001-0815 BugTraq ID: 3526 http://www.securityfocus.com/bid/3526 Bugtraq: 20011115 NSFOCUS SA2001-07 : ActivePerl PerlIS.dll Remote Buffer Overflow Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=100583978302585&w=2 http://www.osvdb.org/678 XForce ISS Database: activeperl-perlis-filename-bo(7539) https://exchange.xforce.ibmcloud.com/vulnerabilities/7539
Copyright	Copyright (C) 2001 HD Moore & Drew Hintz

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.