Oval Definition:	oval:org.mitre.oval:def:909
Revision Date: 2007-08-02 Version: 15 Title: Windows NT IIS System File Listing Privilege Elevation Vulnerability Description: IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2001-0507 Platform(s): Microsoft Windows NT Product(s): Microsoft Internet Information Server (IIS) Definition Synopsis IIS 4.0 Major Version AND IIS minor version equals 0 AND File %windir%\System32\w3svc.dll is less than 4.2.769.1 AND NOT Patch Q301625 Installed
BACK