Microsoft MS00-078 Security Check Network Vulnerability

Summary

Microsoft IIS 4.0 and 5.0 are affected by a web server trasversal vulnerability. This vulnerability could potentially allow a visitor to a web site to take a wide range of destructive actions against it, including running programs on it.

Solution

There is not a new patch for this vulnerability. Instead, it is eliminated by the patch that accompanied Microsoft Security Bulletin MS00-057. Download locations for this patch Microsoft IIS 4.0: http://support.microsoft.com/kb/269862/en-us Microsoft IIS 5.0: http://technet.microsoft.com/windowsserver/2000/default.aspx

Severity

Classification

CVE CVE-2000-0884
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Microsoft DirectShow Remote Code Execution Vulnerability (2929961)
Cumulative Security Update for Internet Explorer (931768)
Active Directory Could Allow Remote Code Execution Vulnerability (957280)
Cumulative Security Update for Internet Explorer (937143)
Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability (980195)

Microsoft MS00-078 security check

Take action and discover your vulnerabilities