Test Kennung:	1.3.6.1.4.1.25623.1.0.101000
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft IIS XSS Vulnerability (MS00-060) - Active Check
Zusammenfassung:	Microsoft IIS do not properly protect against cross-site; scripting (XSS) attacks.
Beschreibung:	Summary: Microsoft IIS do not properly protect against cross-site scripting (XSS) attacks. Vulnerability Impact: They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site. Affected Software/OS: Microsoft IIS 4.0 and 5.0 is known to be affected. Solution: Microsoft has released a patch to correct these issues. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2000-0746 BugTraq ID: 1594 http://www.securityfocus.com/bid/1594 BugTraq ID: 1595 http://www.securityfocus.com/bid/1595 Bugtraq: 20000821 IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll (Google Search) http://www.securityfocus.com/templates/archive.pike?list=1&msg=39A12BD6.E811BF4F@nat.bg Microsoft Security Bulletin: MS00-060 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060 Common Vulnerability Exposure (CVE) ID: CVE-2000-1104
Copyright	Copyright (C) 2009 Christian Eric Edjenguele

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.