MS12-073: Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Information Disclosure (2733829)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The Microsoft IIS service running on the remote system contains flaws
that could lead to an unauthorized information disclosure.

Description :

The FTP service in the version of IIS 7.0 or 7.5 on the remote Windows
host is affected by multiple vulnerabilities that could result in
unauthorized information disclosure.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms12-073

Solution :

Microsoft has released a set of patches for Vista, 2008, 7, and 2008
R2.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 62905 ()

Bugtraq ID: 56439
56440

CVE ID: CVE-2012-2531
CVE-2012-2532