VID | 21805 |
Severity | 40 |
Port | 80, ... |
Protocol | TCP |
Class | CGI |
Detailed Description |
The Microsoft W3Who ISAPI (w3who.dll) is detected as installed on the Web server. The Microsoft Windows 2000 Resource Kit supports many utilities designed for diagnostic administration of the Windows platform. The w3who.dll library is a utility designed to provide auditing of server configuration remotely through a Web browser. The w3who.dll library of Microsoft's Windows Resource Kit contains cross-site scripting vulnerabilities and a buffer overflow vulnerability. A remote attacker could exploit these vulnerabilities to conduct cross-site scripting attacks and to execute arbitrary code on the affected host.
* Note: This check only tests for the existence of the '/scripts/w3who.dll' CGI file to assess this vulnerability, so the result might be a false positive.
* References:
  http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0157.html
  http://www.exaprobe.com/labs/advisories/esa-2004-1206.html
  http://www.jsiinc.com/SUBL/tip5500/rh5519.htm
* Platforms Affected:
  Microsoft Windows 2000 Resource Kit W3Who ISAPI, any version
  Microsoft Windows, any version |
Recommendation | Remove the w3who.dll file from the /scripts directory. |
Related URL | CVE-2004-1133, CVE-2004-1134 (CVE) |
Related URL | 11820 (SecurityFocus) |
Related URL | 18375, 18377 (ISS) |