Description

Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running.

Remediation

References

CVE-2002-1694

Related Vulnerabilities

Horde remote code execution

MySQL CVE-2021-2010 Vulnerability (CVE-2021-2010)

Oracle JRE CVE-2014-2413 Vulnerability (CVE-2014-2413)

Oracle Database Server CVE-2019-2776 Vulnerability (CVE-2019-2776)

Roundcube Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-44026)

Severity

Medium

Classification

CVE-2002-1694

Tags

Missing Update Known Vulnerabilities