ID de Prueba:	1.3.6.1.4.1.25623.1.0.15910
Categoría:	Web application abuses
Título:	w3who.dll Buffer Overflow / XSS Vulnerability - Active Check
Resumen:	The Windows 2000 Resource Kit ships with a DLL that displays; the browser client context. It lists security identifiers, privileges and $ENV variables.;; The scanner has determined that this file is installed on the remote host.
Descripción:	Summary: The Windows 2000 Resource Kit ships with a DLL that displays the browser client context. It lists security identifiers, privileges and $ENV variables. The scanner has determined that this file is installed on the remote host. Vulnerability Impact: The w3who.dll ISAPI may allow an attacker to execute arbitrary commands on this host, through a buffer overflow, or to mount XSS attacks. Solution: Delete this file. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1133 http://marc.info/?l=full-disclosure&m=110234486823233&w=2 http://www.exaprobe.com/labs/advisories/esa-2004-1206.html XForce ISS Database: w3who-http-error-xss(18375) https://exchange.xforce.ibmcloud.com/vulnerabilities/18375 Common Vulnerability Exposure (CVE) ID: CVE-2004-1134 XForce ISS Database: w3who-bo(18377) https://exchange.xforce.ibmcloud.com/vulnerabilities/18377
Copyright	Copyright (C) 2004 Nicolas Gregoire

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.