Test ID:	1.3.6.1.4.1.25623.1.0.10943
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Internet Information Services (IIS) Multiple Vulnerabilities (Q327696, MS02-062)
Summary:	Microsoft Internet Information Services (IIS) is prone to; multiple vulnerabilities.
Description:	Summary: Microsoft Internet Information Services (IIS) is prone to multiple vulnerabilities. Vulnerability Insight: The following flaws exist: - CVE-2002-0869: Out of Process Privilege Elevation - CVE-2002-1182: WebDAV Denial of Service - CVE-2002-1180: Script Source Access Vulnerability - CVE-2002-1181: Cross-site Scripting in IIS Administrative Pages Affected Software/OS: - Microsoft Internet Information Services 4.0 - Microsoft Internet Information Services 5.0 - Microsoft Internet Information Services 5.1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2002-0869 Bugtraq: 20021104 [A3SC] MS IIS out of process privilege elevation vulnerability(A3CR@K-Vul-2002-06-002) (Google Search) http://marc.info/?l=bugtraq&m=103642839205574&w=2 Computer Incident Advisory Center Bulletin: N-011 http://www.ciac.org/ciac/bulletins/n-011.shtml http://www.li0n.pe.kr/eng/advisory/ms/iis_impersonation.txt Microsoft Security Bulletin: MS02-062 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A929 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A930 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A983 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0059.html http://www.iss.net/security_center/static/10502.php Common Vulnerability Exposure (CVE) ID: CVE-2002-1182 BugTraq ID: 4846 http://www.securityfocus.com/bid/4846 BugTraq ID: 6068 http://www.securityfocus.com/bid/6068 BugTraq ID: 6070 http://www.securityfocus.com/bid/6070 http://www.nextgenss.com/advisories/ms-iisdos.txt http://www.nextgenss.com/vna/ms-iisdos.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1011 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0048.html XForce ISS Database: iis-resource-utilization-dos(10184) https://exchange.xforce.ibmcloud.com/vulnerabilities/10184 XForce ISS Database: iis-webdav-memory-allocation-dos(10503) https://exchange.xforce.ibmcloud.com/vulnerabilities/10503 Common Vulnerability Exposure (CVE) ID: CVE-2002-1180 BugTraq ID: 6071 http://www.securityfocus.com/bid/6071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A931 http://www.iss.net/security_center/static/10504.php Common Vulnerability Exposure (CVE) ID: CVE-2002-1181 BugTraq ID: 6072 http://www.securityfocus.com/bid/6072 Bugtraq: 20021105 [SNS Advisory No.58] Microsoft IIS Local Cross-site Scripting Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=103651224215736&w=2 http://www.lac.co.jp/security/intelligence/SNSAdvisory/58.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A942 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A944 http://www.iss.net/security_center/static/10501.php
Copyright	Copyright (C) 2002 Michael Scheidell

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.