Vulnerability   
Search   
    Search 172616 CVE descriptions
and 81291 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:11664
Category:CGI abuses
Title:nsiislog.dll DoS
Summary:NOSUMMARY
Description:Description:

Some versions of IIS shipped with a default file, nsiislog.dll,
within the /scripts directory. Nessus has determined that the
remote host has the file installed.

The NSIISLOG.dll CGI may allow an attacker to execute
arbitrary commands on this host, through a buffer overflow.

Solution : http://www.microsoft.com/technet/security/bulletin/ms03-022.mspx

Risk factor : High

Cross-Ref: BugTraq ID: 7727
BugTraq ID: 8035
Common Vulnerability Exposure (CVE) ID: CVE-2003-0227
Bugtraq: 20030528 RE: Alert: MS03-019, Microsoft... wrong, again. (Google Search)
http://marc.info/?l=bugtraq&m=105427615626177&w=2
Microsoft Security Bulletin: MS03-019
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-019
http://marc.info/?l=ntbugtraq&m=105421176432011&w=2
http://marc.info/?l=ntbugtraq&m=105421127531558&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A936
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A966
Common Vulnerability Exposure (CVE) ID: CVE-2003-0349
Bugtraq: 20030626 Windows Media Services Remote Command Execution #2 (Google Search)
http://marc.info/?l=bugtraq&m=105665030925504&w=2
CERT/CC vulnerability note: VU#113716
http://www.kb.cert.org/vuls/id/113716
Microsoft Security Bulletin: MS03-022
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-022
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0306&L=NTBUGTRAQ&P=R4563
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A938
http://securitytracker.com/id?1007059
http://secunia.com/advisories/9115
CopyrightThis script is Copyright (C) 2003 Tenable Network Security

This is only one of 81291 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.