Check: WA000-WI110 IIS6
IIS6 Server:
WA000-WI110 IIS6
(in version v6 r16)
Title
The command shell options must be disabled. (Cat I impact)
Discussion
The command shell can be used to call arbitrary commands at the web server from within an HTML page.
Check Content
Check the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters for the following value: SSIEnableCmdDirective REG_DWORD 0. If the key does not exist or if the value is not a REG_DWORD= 0, this is a finding.
Fix Text
Set the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters to the following value: SSIEnableCmdDirective REG_DWORD 0
Additional Identifiers
Rule ID: SV-38159r1_rule
Vulnerability ID: V-13701
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |