CGI abuses : IIS .HTR ISAPI filter applied

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.10932

Categoría: CGI abuses

Título: IIS .HTR ISAPI filter applied

Resumen: NOSUMMARY

Descripción: Description:

The IIS server appears to have the .HTR ISAPI filter mapped.

At least one remote vulnerability has been discovered for the .HTR
filter. This is detailed in Microsoft Advisory
MS02-018, and gives remote SYSTEM level access to the web server.

It is recommended that, even if you have patched this vulnerability,
you unmap the .HTR extension and any other unused ISAPI extensions
if they are not required for the operation of your site.

Solution :
To unmap the .HTR extension:
1.Open Internet Services Manager.
2.Right-click the Web server choose Properties from the context menu.
3.Master Properties
4.Select WWW Service -> Edit -> HomeDirectory -> Configuration
and remove the reference to .htr from the list.

In addition, you may wish to download and install URLSCAN from the
Microsoft Technet Website. URLSCAN, by default, blocks all requests
for .htr files.

Risk factor : High

Referencia Cruzada: BugTraq ID: 4474
Common Vulnerability Exposure (CVE) ID: CVE-2002-0071
@stake Security Advisory: A041002-1
http://www.atstake.com/research/advisories/2002/a041002-1.txt
http://www.securityfocus.com/bid/4474
Bugtraq: 20020411 KPMG-2002010: Microsoft IIS .htr ISAPI buffer overrun (Google Search)
http://marc.info/?l=bugtraq&m=101854087828265&w=2
http://www.cert.org/advisories/CA-2002-09.html
CERT/CC vulnerability note: VU#363715
http://www.kb.cert.org/vuls/id/363715
Cisco Security Advisory: 20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
Microsoft Security Bulletin: MS02-018
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018
http://www.osvdb.org/3325
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A130
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A45
http://www.iss.net/security_center/static/8799.php

Copyright This script is Copyright (C) 2002 Renaud Deraison

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.10932
Categoría:	CGI abuses
Título:	IIS .HTR ISAPI filter applied
Resumen:	NOSUMMARY
Descripción:	Description: The IIS server appears to have the .HTR ISAPI filter mapped. At least one remote vulnerability has been discovered for the .HTR filter. This is detailed in Microsoft Advisory MS02-018, and gives remote SYSTEM level access to the web server. It is recommended that, even if you have patched this vulnerability, you unmap the .HTR extension and any other unused ISAPI extensions if they are not required for the operation of your site. Solution : To unmap the .HTR extension: 1.Open Internet Services Manager. 2.Right-click the Web server choose Properties from the context menu. 3.Master Properties 4.Select WWW Service -> Edit -> HomeDirectory -> Configuration and remove the reference to .htr from the list. In addition, you may wish to download and install URLSCAN from the Microsoft Technet Website. URLSCAN, by default, blocks all requests for .htr files. Risk factor : High
Referencia Cruzada:	BugTraq ID: 4474 Common Vulnerability Exposure (CVE) ID: CVE-2002-0071 @stake Security Advisory: A041002-1 http://www.atstake.com/research/advisories/2002/a041002-1.txt http://www.securityfocus.com/bid/4474 Bugtraq: 20020411 KPMG-2002010: Microsoft IIS .htr ISAPI buffer overrun (Google Search) http://marc.info/?l=bugtraq&m=101854087828265&w=2 http://www.cert.org/advisories/CA-2002-09.html CERT/CC vulnerability note: VU#363715 http://www.kb.cert.org/vuls/id/363715 Cisco Security Advisory: 20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018 http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml Microsoft Security Bulletin: MS02-018 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018 http://www.osvdb.org/3325 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A130 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A45 http://www.iss.net/security_center/static/8799.php
Copyright	This script is Copyright (C) 2002 Renaud Deraison