CGI abuses : nsiislog.dll DoS

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.11664

Categoría: CGI abuses

Título: nsiislog.dll DoS

Resumen: NOSUMMARY

Descripción: Description:

Some versions of IIS shipped with a default file, nsiislog.dll,
within the /scripts directory. Nessus has determined that the
remote host has the file installed.

The NSIISLOG.dll CGI may allow an attacker to execute
arbitrary commands on this host, through a buffer overflow.

Solution : http://www.microsoft.com/technet/security/bulletin/ms03-022.mspx

Risk factor : High

Referencia Cruzada: BugTraq ID: 7727
BugTraq ID: 8035
Common Vulnerability Exposure (CVE) ID: CVE-2003-0227
Bugtraq: 20030528 RE: Alert: MS03-019, Microsoft... wrong, again. (Google Search)
http://marc.info/?l=bugtraq&m=105427615626177&w=2
Microsoft Security Bulletin: MS03-019
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-019
http://marc.info/?l=ntbugtraq&m=105421176432011&w=2
http://marc.info/?l=ntbugtraq&m=105421127531558&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A936
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A966
Common Vulnerability Exposure (CVE) ID: CVE-2003-0349
Bugtraq: 20030626 Windows Media Services Remote Command Execution #2 (Google Search)
http://marc.info/?l=bugtraq&m=105665030925504&w=2
CERT/CC vulnerability note: VU#113716
http://www.kb.cert.org/vuls/id/113716
Microsoft Security Bulletin: MS03-022
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-022
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0306&L=NTBUGTRAQ&P=R4563
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A938
http://securitytracker.com/id?1007059
http://secunia.com/advisories/9115

Copyright This script is Copyright (C) 2003 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.11664
Categoría:	CGI abuses
Título:	nsiislog.dll DoS
Resumen:	NOSUMMARY
Descripción:	Description: Some versions of IIS shipped with a default file, nsiislog.dll, within the /scripts directory. Nessus has determined that the remote host has the file installed. The NSIISLOG.dll CGI may allow an attacker to execute arbitrary commands on this host, through a buffer overflow. Solution : http://www.microsoft.com/technet/security/bulletin/ms03-022.mspx Risk factor : High
Referencia Cruzada:	BugTraq ID: 7727 BugTraq ID: 8035 Common Vulnerability Exposure (CVE) ID: CVE-2003-0227 Bugtraq: 20030528 RE: Alert: MS03-019, Microsoft... wrong, again. (Google Search) http://marc.info/?l=bugtraq&m=105427615626177&w=2 Microsoft Security Bulletin: MS03-019 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-019 http://marc.info/?l=ntbugtraq&m=105421176432011&w=2 http://marc.info/?l=ntbugtraq&m=105421127531558&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A936 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A966 Common Vulnerability Exposure (CVE) ID: CVE-2003-0349 Bugtraq: 20030626 Windows Media Services Remote Command Execution #2 (Google Search) http://marc.info/?l=bugtraq&m=105665030925504&w=2 CERT/CC vulnerability note: VU#113716 http://www.kb.cert.org/vuls/id/113716 Microsoft Security Bulletin: MS03-022 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-022 http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0306&L=NTBUGTRAQ&P=R4563 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A938 http://securitytracker.com/id?1007059 http://secunia.com/advisories/9115
Copyright	This script is Copyright (C) 2003 Tenable Network Security