Test Kennung:	1.3.6.1.4.1.25623.1.0.101000
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft MS00-060 security check
Zusammenfassung:	Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks.
Beschreibung:	Summary: Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. Vulnerability Impact: They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site. Solution: Microsoft has released a patch to correct these issues. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 1594 BugTraq ID: 1595 Common Vulnerability Exposure (CVE) ID: CVE-2000-0746 http://www.securityfocus.com/bid/1594 http://www.securityfocus.com/bid/1595 Bugtraq: 20000821 IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll (Google Search) http://www.securityfocus.com/templates/archive.pike?list=1&msg=39A12BD6.E811BF4F@nat.bg Microsoft Security Bulletin: MS00-060 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060 Common Vulnerability Exposure (CVE) ID: CVE-2000-1104
Copyright	Copyright (C) 2009 Christian Eric Edjenguele

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.