New Search

IIS5.0 Script Source Access Vulnerability

oval:org.mitre.oval:def:931

A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files which allows attackers with only write permissions to upload malicious .COM files aka "Script Source Access Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2002-1180
Product(s):
  • Microsoft Internet Information Server (IIS)