CVE-2002-1694

Name of the Vulnerable Software and Affected Versions Microsoft Internet Information Server (IIS) version 4.0

Description The issue allows remote attackers to modify log file contents while the server is running, due to the log files being opened with FILE SHARE READ and FILE SHARE WRITE permissions.

Recommendations For Microsoft Internet Information Server (IIS) version 4.0, consider restricting access to the log files to prevent modification by remote attackers. As a temporary workaround, restrict write access to the log files until a more permanent solution is available.