| VID |
27039 |
| Severity |
40 |
| Port |
135 |
| Protocol |
TCP |
| Class |
WMI |
| Detailed Description |
IIS service is running on the remote system. IIS provide the best web services but profiling, denial of service, unauthorized access, execution of arbitrary code, information disclosure, viruses, worms, and Trojan horses can be exposed to the threat.
* The vulnerability checks a service name(IISADMIN) specified in the ministry of security and public administration notify in supplement of 2012-54. If the service name different, it might be a false positive.
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
If you do not need to stop the IIS web service.
1. Run> SERVICES.MSC> IISADMIN > Properties
2. Startup type -> Disabled, Service status -> Stop Set |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
