5 matches found
CVE-2012-2531
creationtimestamp| type| source ---|---|--- 2020-10-09 15:58:23+00:00| seen| MISP/babf4434-8d64-443a-82c2-48f271a78fec...
Microsoft IIS 密码信息泄露漏洞(MS12-073)
BUGTRAQ ID: 56439 CVE ID: CVE-2012-2531 Internet Information Services(IIS,互联网信息服务)是由微软公司提供的基于运行Microsoft Windows的互联网基本服务。 Microsoft IIS 7.5对操作日志使用了弱权限,没有正确限制对某些日志文件的访问,通过读取此文件,可允许本地用户获取已配置账户的用户名和密码。要利用此漏洞需要启用IIS的操作日志。 0 Microsoft IIS 7.x 临时解决方法: 如果已经启用了IIS的"Operational"日志,则在分配给应用池自定义账户之前,请禁用...
CVE-2012-2531
CVE-2012-2531 concerns Microsoft IIS. Public description indicates IIS 7.5 stores credentials in the Operational log with weak permissions, enabling local users to read credentials (Password Disclosure Vulnerability). Connected sources reference an IIS FTP information-disclosure issue (MS12-073) ...
CVE-2012-2531
Microsoft Internet Information Services IIS 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."...
Microsoft Windows IIS FTP Service Information Disclosure Vulnerability (2761226)
This host is missing a moderate security update according to Microsoft Bulletin MS12-073. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...