MS03-018: Cumulative Patch for Internet Information Services (11114)
Critical Nessus Plugin ID 11683
SynopsisArbitrary code can be executed on the remote web server.
DescriptionThe remote host is running a version of IIS that contains various flaws that could allow remote attackers to disable this service remotely and local attackers (or remote attackers with the ability to upload arbitrary files on this server) to gain SYSTEM level access on this host.
SolutionMicrosoft has released a set of patches for IIS 4.0, 5.0 and 5.1.