Lucene search
K

5 matches found

Circl
Circl
added 2020/10/09 3:58 p.m.12 views

CVE-2012-2531

creationtimestamp| type| source ---|---|--- 2020-10-09 15:58:23+00:00| seen| MISP/babf4434-8d64-443a-82c2-48f271a78fec...

2.1CVSS6.8AI score0.00942EPSS
Exploits1
seebug.org
seebug.org
added 2012/11/19 12:0 a.m.1015 views

Microsoft IIS 密码信息泄露漏洞(MS12-073)

BUGTRAQ ID: 56439 CVE ID: CVE-2012-2531 Internet Information Services(IIS,互联网信息服务)是由微软公司提供的基于运行Microsoft Windows的互联网基本服务。 Microsoft IIS 7.5对操作日志使用了弱权限,没有正确限制对某些日志文件的访问,通过读取此文件,可允许本地用户获取已配置账户的用户名和密码。要利用此漏洞需要启用IIS的操作日志。 0 Microsoft IIS 7.x 临时解决方法: 如果已经启用了IIS的"Operational"日志,则在分配给应用池自定义账户之前,请禁用...

2.1CVSS6.1AI score0.00942EPSS
Exploits1
CVE
CVE
added 2012/11/14 12:0 a.m.728 views

CVE-2012-2531

CVE-2012-2531 concerns Microsoft IIS. Public description indicates IIS 7.5 stores credentials in the Operational log with weak permissions, enabling local users to read credentials (Password Disclosure Vulnerability). Connected sources reference an IIS FTP information-disclosure issue (MS12-073) ...

2.1CVSS6.2AI score0.00942EPSS
Exploits1References3
Cvelist
Cvelist
added 2012/11/14 12:0 a.m.31 views

CVE-2012-2531

Microsoft Internet Information Services IIS 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."...

6.2AI score0.00942EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2012/11/14 12:0 a.m.158 views

Microsoft Windows IIS FTP Service Information Disclosure Vulnerability (2761226)

This host is missing a moderate security update according to Microsoft Bulletin MS12-073. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS5AI score0.41968EPSS
Exploits2References3
Rows per page
Query Builder