oval:org.mitre.oval:def:909

Definition Id: oval:org.mitre.oval:def:909

Oval ID:	oval:org.mitre.oval:def:909
Title:	Windows NT IIS System File Listing Privilege Elevation Vulnerability
Description:	IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2001-0507	Version:	2
Platform(s):	Microsoft Windows NT	Product(s):	Microsoft Internet Information Server (IIS)
Definition Synopsis:
IIS 4.0 Major Version AND IIS minor version equals 0 AND File %windir%\System32\w3svc.dll is less than 4.2.769.1 AND NOT Patch Q301625 Installed