Microsoft MS00-078 Security Check Network Vulnerability

Summary

Microsoft IIS 4.0 and 5.0 are affected by a web server trasversal vulnerability. This vulnerability could potentially allow a visitor to a web site to take a wide range of destructive actions against it, including running programs on it.

Solution

There is not a new patch for this vulnerability. Instead, it is eliminated by the patch that accompanied Microsoft Security Bulletin MS00-057. Download locations for this patch Microsoft IIS 4.0: http://support.microsoft.com/kb/269862/en-us Microsoft IIS 5.0: http://technet.microsoft.com/windowsserver/2000/default.aspx

Severity

Classification

CVE CVE-2000-0884

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ADODB.Stream object from Internet Explorer (KB870669)
Microsoft Filter Pack Remote Code Execution Vulnerability (2801261)
Active Directory Could Allow Remote Code Execution Vulnerability (957280)
Microsoft DirectAccess Security Advisory (2862152)
Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability (980195)

Microsoft MS00-078 security check

Take action and discover your vulnerabilities