Test Kennung:	1.3.6.1.4.1.25623.1.0.10575
Kategorie:	Web Servers
Titel:	Microsoft IIS '.cnf' File Leakage Vulnerability - Active Check
Zusammenfassung:	The IIS web server may allow remote users to read sensitive information; from .cnf files. This is not the default configuration.;; Example, http://example.com/_vti_pvt%5csvcacl.cnf, access.cnf,; svcacl.cnf, writeto.cnf, service.cnf, botinfs.cnf,; bots.cnf, linkinfo.cnf and services.cnf
Beschreibung:	Summary: The IIS web server may allow remote users to read sensitive information from .cnf files. This is not the default configuration. Example, http://example.com/_vti_pvt%5csvcacl.cnf, access.cnf, svcacl.cnf, writeto.cnf, service.cnf, botinfs.cnf, bots.cnf, linkinfo.cnf and services.cnf Solution: If you do not need .cnf files, then delete them, otherwise use suitable access control lists to ensure that the .cnf files are not world-readable by Anonymous users. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1717 BugTraq ID: 4078 http://www.securityfocus.com/bid/4078 Bugtraq: 20020210 This is the CORRECTED POST please ignore the one befor same subject MULTIPLE Remote Issues with II5.1 on Windows XP (Google Search) http://online.securityfocus.com/archive/1/255555 Bugtraq: 20020212 Re: This is the CORRECTED POST please ignore the one befor same subject MULTIPLE Remote Issues with II5.1 on Windows XP (Google Search) http://online.securityfocus.com/archive/1/256125 XForce ISS Database: iis-cnf-reveal-information(8174) https://exchange.xforce.ibmcloud.com/vulnerabilities/8174
Copyright	Copyright (C) 2003 John Lampe

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.