| VID |
27077 |
| Severity |
10 |
| Port |
135 |
| Protocol |
TCP |
| Class |
WMI |
| Detailed Description |
Some users can gather connection banner information shown during trying to connect to HTTP, FTP, SMTP and it may be used for hacking.
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
¡á HTTP
Open w3svc.dll, w3core.dll with Hex editor and modify "Microsoft-IIS/4.0", ¡°Microsoft-IIS/5.0", ¡°Microsoft-IIS/6.0", ¡°Microsoft-IIS/7.5"
¡Ø You sholud boot windows with command prompt option and then modify theses files
¡á FTP
Open ftpsvc2.dll with Hex editor and modify "Microsoft FTP Service"
¡Ø You sholud boot windows with command prompt option and then modify theses files
¡á SMTP
1. Right click server object in IIS Management and select properties.
2. Check "Allowed to edit metabase directly" |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
