Internet Information Services Other Vulnerability - CVE-1999-1538
Reference:
CVE-1999-1538
Title:
Internet Information Services Other Vulnerability
Overview:
When IIS 2 or 3 is upgraded to IIS 4 ism.dll is inadvertently left in /scripts/iisadmin which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information including the Administrator39s password.