504387 : (/pbserver/pbserver.dll) is present

Risk 5 : Web Services

The web server contains an application which may have a vulnerability. If the vulnerability is present, an unauthorized user could read files, change files, or execute commands on the server.

The Hypertext Transport Protocol (HTTP) allows a client to access HTML pages and other web applications using a web browser. HTTP servers contain programs which perform functions on the server at the request of the client (when a form is submitted, for example), and transmit results to the client's browser in the form of an HTML page.

06/13/13 pbserver.dll: CVE 2000-1089 Microsoft Phone Book Server is an optional component of IIS 4 and 5. A buffer overflow condition could allow an attacker to execute arbitrary code with the privileges of IUSR_machinename with IIS 4 or IWAM_machinename with IIS 5. Resolution: Apply a patch referenced in Microsoft Security Bulletin MS 00-094. (Reference)

pbserver.dll: See the http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0012&L=ntbugtraq&F=&S=&P=172 CORE-SDI advisory and http://www.microsoft.com/technet/security/bulletin/ms00-094.mspx Microsoft Security Bulletin MS 00-094.

References:
CVSS Information:
Low Attack Complexity, Complete Confidentiality Impact, Complete Integrity Impact, Complete Availability Impact
Credit:
Saint Coorporation : 2010-03-26
New Search
Keywords
Risk Factor
Start Date
End Date
Browse