PT-1999-1713 · Microsoft · Iis+2
Published
1999-12-31
·
Updated
2018-10-12
·
CVE-1999-1451
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
IIS versions 4.0
Site Server version 3.0
Description:
The issue allows remote attackers to read arbitrary files due to a problem with the Winmsdp.exe sample file.
Recommendations:
For IIS version 4.0, remove or restrict access to the Winmsdp.exe sample file to prevent exploitation.
For Site Server version 3.0, consider removing the Winmsdp.exe sample file as a temporary workaround until a more permanent solution is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Iis
Site Server
Winmsdp.Exe