|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Web Servers >> IIS .IDA ISAPI filter applied Vulnerability Assessment Details
|
IIS .IDA ISAPI filter applied |
||
Tests for IIS .ida ISAPI filter Detailed Explanation for this Vulnerability Assessment Summary : Indexing Service filter is enabled on the remote Web server. Description : The IIS server appears to have the .IDA ISAPI filter mapped. At least one remote vulnerability has been discovered for the .IDA (indexing service) filter. This is detailed in Microsoft Advisory MS01-033, and gives remote SYSTEM level access to the web server. It is recommended that even if you have patched this vulnerability that you unmap the .IDA extension, and any other unused ISAPI extensions if they are not required for the operation of your site. Solution : To unmap the .IDA extension: 1.Open Internet Services Manager. 2.Right-click the Web server choose Properties from the context menu. 3.Master Properties 4.Select WWW Service -> Edit -> HomeDirectory -> Configuration and remove the reference to .ida from the list. In addition, you may wish to download and install URLSCAN from the Microsoft Technet web site. URLSCAN, by default, blocks all .ida requests to the IIS server. Network Security Threat Level: None / CVSS Base Score : 0 (AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N) Networks Security ID: 2880 Vulnerability Assessment Copyright: This script is Copyright (C) 2001 Matt Moore |
||
Cables, Connectors |
Broadcom LSI MegaRAID 9440-8i SAS/SATA/NVME TRI-MODE RAID Controller Card
$85.00
LSI 9305-16i SATA SAS 12Gbs RAID Controller Host Bus Adapter PCIe 3.0 x8 IT-Mode
$199.99
Adaptec ASR-81605ZQ 12G SAS 16-Port 1GB Cache PCIe x8 RAID Controller
$131.99
ATTO R608 8-Port 6Gb/s SAS RAID Controller
$33.99
Inspur LSI 9300-8i Raid Card 12Gbps HBA HDD Controller High Profile IT MODE
$15.98
LSI MegaRAID 9361-8i 12Gb PCIe 8-Port SAS/SATA RAID 1Gb w/BBU/CacheVault/License
$39.95
ORICO Multi Bay RAID Hard Drive Enclosure USB 3.0/ Type-C For 2.5/3.5'' HDD SSDs
$87.99
LSI MegaRaid 9361-8i 12Gbps SAS / SATA Raid Controller PCIe x8 3.0 Tested
$29.00
4 Bay RAID External Hard Drive Enclosure for 2.5/3.5" SATA HDD/SSD
$79.99
Oracle 7332895 LSI MegaRAID 9361-16i 16-PORT 12GB SAS PCIE RAID CONTROLLER
$349.00
|
||
No Discussions have been posted on this vulnerability. |