ID de Prueba:	1.3.6.1.4.1.25623.1.0.902694
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows IIS FTP Service Information Disclosure Vulnerability (2761226)
Resumen:	This host is missing a moderate security update according to; Microsoft Bulletin MS12-073.
Descripción:	Summary: This host is missing a moderate security update according to Microsoft Bulletin MS12-073. Vulnerability Insight: The flaws are due to - IIS improperly manages the permissions of a log file. - An error within the IIS FTP service when negotiating encrypted communications channels. Vulnerability Impact: Successful exploitation will allow an attacker to gain access to sensitive information that may aid in further attacks. Affected Software/OS: - Microsoft FTP Service 7.0 for IIS 7.0 on Microsoft Windows Vista/2008 server Service Pack 2 and prior - Microsoft FTP Service 7.5 for IIS 7.5 on: - Microsoft Windows Vista/2008 server Service Pack 2 and prior - Microsoft Windows 7 Service Pack 1 and prior - Microsoft Windows Server 2008 R2 Service Pack 1 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2531 BugTraq ID: 56439 http://www.securityfocus.com/bid/56439 Microsoft Security Bulletin: MS12-073 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15959 Common Vulnerability Exposure (CVE) ID: CVE-2012-2532 BugTraq ID: 56440 http://www.securityfocus.com/bid/56440 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15786
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.