Intrusion PreventionMS.IIS.Configuration.File.Information.Disclosure
Description
It indicates a potential path disclosure vulnerability in Microsoft Internet Information Service (IIS).
IIS 5.1 web server may have a vulnerability that allows remote users to access sensitive system information from configuration (.cnf) files by submitting a specially-crafted request.
Affected Products
Any unprotected IIS 5.1 is vulnerable to the attack.
Impact
Attackers can gain sensitive information on the victim system.
Recommended Actions
Apply appropriate patches or Upgrade the system to the latest non-vulnerable version.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
References
1| ID | 13079 |
| Created | Sep 11, 2006 |
| Updated | Aug 29, 2022 |
| Risk |
|
| CVE ID | |
| Default Action | pass |
| Active | |
| Affected OS | Windows |
| Affected App | IIS |