oval:org.mitre.oval:def:191

Definition Id: oval:org.mitre.oval:def:191

Oval ID:	oval:org.mitre.oval:def:191
Title:	IIS Web Server File Request Parsing
Description:	IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2000-0886	Version:	5
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Information Server (IIS)
Definition Synopsis:
IIS major version equals 5 AND IIS minor version equals 0 AND File %windir%\system32\inetsrv\w3svc.dll version is less than 5.0.2195.2784 AND NOT Patch Q277873 Installed AND NOT Patch Q293826 Installed AND NOT Patch Q301625 Installed AND NOT Patch Q319733 Installed AND NOT Patch Q327696 Installed AND NOT Patch Q811114 Installed AND NOT Win2K/XP/2003/Vista/2008 Service Pack 2 is installed