Insecure Log File Permissions in Microsoft Internet Information Server
CVE-2002-1694

Currently unrated

Key Information:

Vendor

Microsoft
Status
Internet Information Services
Internet Information Server
Vendor
CVE Published:
31 December 2002

What is CVE-2002-1694?

Microsoft Internet Information Server (IIS) 4.0 contains a vulnerability where log files are created with FILE_SHARE_READ and FILE_SHARE_WRITE permissions. This configuration may allow unauthorized remote attackers to alter the contents of active log files while the server is running. Such modifications could lead to misrepresentation of access records, evasion of detection measures, and further compromises of server security. It is critical for administrators to review their server's logging configurations to prevent potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/3888
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/7919
vdb-entryx_refsource_XF
http://online.securityfocus.com/archive/1/250591
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.