Description

Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running.

Remediation

References

CVE-2002-1694

Related Vulnerabilities

WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.67)

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-5899)

GibbonEdu Improper Neutralization of Special Elements Used in a Template Engine Vulnerability (CVE-2024-24724)

PostgreSQL Other Vulnerability (CVE-2005-0245)

CubeCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-33438)

Severity

Medium

Classification

CVE-2002-1694

Tags

Missing Update Known Vulnerabilities