Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft IIS脚本资源访问文件上载漏洞(MS02-062)
Vulnerability Description
Microsoft IIS是一款由微软公司开发的HTTP服务程序。 Microsoft IIS 5.0在处理脚本资源访问权限操作上存在问题,远程攻击者可以利用这个漏洞上传任意文件到受此漏洞影响的WEB服务器上并以高权限执行。 Microsoft IIS 5.0服务程序在脚本资源访问权限文件类型列表中存在一个排版错误,可导致远程攻击者装载任意恶意文件到服务器中。脚本资源访问存在一个访问控制机制可防止用户上载任意执行文件或者脚本到服务器上,但是,这个机制没有防止用户上传.COM文件类型。远程攻击者如果在IIS
CVSS Information
N/A
Vulnerability Type
N/A