Detect CIS Ports Network Vulnerability

Summary

This detects the CIS ports by connecting to the server and processing the buffer received. CIS (COM+ Internet Services) are RPC over HTTP tunneling and requires IIS to operate. CIS ports shouldn't be visible on internet but only behind a firewall. If you do not use this service, then disable it as it may become a security threat in the future, if a vulnerability is discovered.

Solution

Disable CIS with DCOMCNFG or protect CIS ports by a Firewall. http://support.microsoft.com/support/kb/articles/Q282/2/61.ASP For more information about CIS: http://msdn.microsoft.com/library/en-us/dndcom/html/cis.asp

Severity

Classification

CVSS Base Score: 0.0
AV:N/AC:L/Au:N/C:N/I:N/A:N

Related Vulnerabilities

BlackBerry Desktop Software Version Detection
Apache Roller Version Detection
BigAnt IM Server Detection
Apple iTunes Version Detection (Mac OS X)
CTorrent/Enhanced CTorrent Version Detection

Detect CIS ports

Take action and discover your vulnerabilities