| VID |
27072 |
| Severity |
40 |
| Port |
135 |
| Protocol |
TCP |
| Class |
WMI |
| Detailed Description |
If write permission is given to the home directory, any user can write or modify, which may cause damage due to information leakage and file forgery or alteration.
* Platforms Affected:
Microsoft IIS Server |
| Recommendation |
1. Internet Information Service(IIS) Management> FTP Site> Properties> Home Directory Tab> Check FTP Home Directory
2. Explorer> Home Directory> Properties> Security Tab> Remove Everyone rights
¡Ø Don't create additional FTP site, but bind FTP site to current web site in IIS 7 and later versions.
(Administrative Tools> Internet Information Service(IIS) 6.0 Manager > FTP Setting) |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
