oval:org.mitre.oval:def:44

Definition Id: oval:org.mitre.oval:def:44

Oval ID:	oval:org.mitre.oval:def:44
Title:	IIS Web Server Folder Traversal
Description:	IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2000-0884	Version:	5
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Information Server (IIS)
Definition Synopsis:
IIS major version equals 5 AND IIS minor version equals 0 AND File %windir%\system32\inetsrv\w3svc.dll version is less than 5.0.2195.2103 AND NOT Patch Q269862 Installed AND NOT Patch Q277873 Installed AND NOT Patch Q293826 Installed AND NOT Patch Q301625 Installed AND NOT Patch Q319733 Installed AND NOT Patch Q327696 Installed AND NOT Patch Q811114 Installed AND NOT Win2K/XP/2003/Vista/2008 Service Pack 2 is installed