Test Methods (Detailed Overview)

Here is a list of every test performed by Web Scan Service.

IIS Unicode Arbitrary Command Execution

Remediation Task

Install patch or upgrade version

WASC Classification

Command Execution: OS Commanding

Affected Products

Microsoft IIS 4.0 and 5.0

Technical Description

Unicode characters are decoded after the directory traversal check has been performed, so a request can bypass the internal security checks and access a file.
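
The ordering flaw described above, as an added example that is not part of the original page and is not IIS code: a check that runs before decoding is compared with one that decodes and canonicalizes first. The document root, the sample paths and the function names are assumptions, and ordinary percent-encoding stands in for the Unicode-encoded form.

```python
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/inetpub/wwwroot"  # constructed document root (assumption)

def _resolve(decoded):
    # Treat backslashes as separators, then collapse "." and ".." segments.
    rel = decoded.replace("\\", "/").lstrip("/")
    return posixpath.normpath(posixpath.join(WEB_ROOT, rel))

def check_then_decode(raw_path):
    """Flawed order: the traversal check sees the still-encoded path."""
    if ".." in raw_path:
        return None                     # only a literal ".." is caught
    return _resolve(unquote(raw_path))  # decoding happens after the check

def decode_then_check(raw_path, max_rounds=4):
    """Hardened order: decode fully, canonicalize, then check containment."""
    decoded = raw_path
    for _ in range(max_rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    else:
        return None                     # never reached a stable form: reject
    resolved = _resolve(decoded)
    if resolved == WEB_ROOT or resolved.startswith(WEB_ROOT + "/"):
        return resolved
    return None

# Constructed sample requests (not taken from the page).
SAMPLES = [
    "/images/logo%20v2.png",
    "/images/../../secret.txt",
    "/images/%2e%2e/%2e%2e/secret.txt",
    "/images/%252e%252e/%252e%252e/secret.txt",
]

def compare():
    return [(p, check_then_decode(p), decode_then_check(p)) for p in SAMPLES]

if __name__ == "__main__":
    for path, flawed, hardened in compare():
        print(f"{path!r}: flawed={flawed!r} hardened={hardened!r}")
```

A path that the flawed order resolves to a location outside `WEB_ROOT` while the hardened order rejects it is the condition this test looks for.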

Fix Recommendation

Either install a patch on your system or upgrade the software to a version higher than the affected ones.