Microsoft IIS /iisadmin Unrestricted Access

Nessus Plugin ID 10358 (Severity: Low)

Synopsis

The remote web server is affected by a privilege escalation vulnerability.

Description

When Microsoft Internet Information Server (IIS) 4.0 is upgraded from version 2.0 or 3.0, the ism.dll file is left behind in the /scripts/iisadmin directory. This script discloses sensitive information via a specially crafted URL, which could lead to elevated privileges. An attacker could use this to gain access to the administrator's password.

Solution

Restrict access to /iisadmin through the IIS ISM (Internet Service Manager).

See Also

https://marc.info/?l=bugtraq&m=91638375309890&w=2

Plugin Details

Severity: Low

ID: 10358

File Name: iisadmin.nasl

Version: 1.32

Type: remote

Family: Web Servers

Published: 4/1/2000

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.0

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:microsoft:iis

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/14/1999

Reference Information

CVE: CVE-1999-1538

BID: 189