Microsoft IIS /iisadmin Unrestricted Access

Low Nessus Plugin ID 10358


The remote web server is affected by a privilege escalation vulnerability.


When Microsoft Internet Information Server (IIS) 4.0 is upgraded from version 2.0 or 3.0, the ism.dll file is left in the /scripts/iisadmin directory. This script discloses sensitive information via a specially crafted URL, which could lead to elevated privileges. An attacker could use this to gain access to the administrator's password.


Restrict access to /iisadmin through the IIS ISM.

Plugin Details

Severity: Low

ID: 10358

File Name: iisadmin.nasl

Version: $Revision: 1.29 $

Type: remote

Family: Web Servers

Published: 2000/04/01

Modified: 2017/11/27

Dependencies: 10107, 11919, 17975

Risk Information

Risk Factor: Low


Base Score: 2.1

Temporal Score: 2

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:ND/RC:ND

Vulnerability Information

CPE: cpe:/a:microsoft:iis

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1999/01/14

Reference Information

CVE: CVE-1999-1538

BID: 189

OSVDB: 273