Oval Definition:
oval:org.mitre.oval:def:915
Revision Date
:
2011-05-16
Version
:
20
Title
:
IIS4.0 Buffer Overflow
Description
:
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
Family
:
windows
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-1999-0874
Platform(s)
:
Microsoft Windows NT
Product(s)
:
Microsoft Internet Information Server (IIS)
Definition Synopsis
IIS 4.0 Major Version
AND
IIS minor version equals 0
AND
File %windir%\System32\w3svc.dll is less than 4.0.1381.164
AND
NOT
Win2K/XP/2003 service pack 6 (or later) is installed
BACK