Microsoft IIS .HTR ISAPI Filter Enabled
High Nessus Plugin ID 10932
SynopsisThe remote web server is affected by a buffer overflow vulnerability.
DescriptionThe IIS server appears to have the .HTR ISAPI filter mapped.
At least one remote vulnerability has been discovered for the .HTR filter. This is detailed in Microsoft Advisory MS02-018, and gives remote SYSTEM level access to the web server.
It is recommended that, even if you have patched this vulnerability, you unmap the .HTR extension and any other unused ISAPI extensions if they are not required for the operation of your site.
SolutionApply the patch referenced above.