This script is Copyright (C) 2002-2014 Tenable Network Security, Inc.
The remote web server is affected by a buffer overflow vulnerability.
The IIS server appears to have the .HTR ISAPI filter mapped.
At least one remote vulnerability has been discovered for the .HTR
filter. This is detailed in Microsoft Advisory
MS02-018, and gives remote SYSTEM level access to the web server.
It is recommended that, even if you have patched this vulnerability,
you unmap the .HTR extension and any other unused ISAPI extensions
if they are not required for the operation of your site.
See also :
Apply the patch referenced above.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.9
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 10932 (iis_htr_isapi.nasl)
Bugtraq ID: 4474
CVE ID: CVE-2002-0071
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.