This script is Copyright (C) 2000-2011 Tenable Network Security, Inc.
The remote web server is affected by a privilege escalation
When Microsoft Internet Information Server (IIS) 4.0 is upgraded from
version 2.0 or 3.0 the ism.dll file is left in the /scripts/iisadmin
directory. This script discloses sensitive information via a specially
crafted URL which could lead to elevated privileges. An attacker could
use this to gain access to the administrator's password.
See also :
Restrict access to /iisadmin through the IIS ISM.
Risk factor :
Low / CVSS Base Score : 2.1
CVSS Temporal Score : 1.8