Check: WA000-WI080 IIS6
IIS6 Server:
WA000-WI080 IIS6
(in version v6 r16)
Title
The IIS Internet Printing Protocol must be disabled. (Cat II impact)
Discussion
The use of Internet Printing Protocol (IPP) on an IIS web server allows client’s access to shared printers. This privileged access could allow remote code execution by increasing the web servers attack surface. Additionally, IPP does not support SSL adding to its risk posture.
Check Content
1. Open IIS Manager > expand the applicable server > select "Web Service Extensions". 2. In the right pane, the Internet Printing extension should be displayed. 3. If the Internet Printing extension is set to "Allowed", this is a finding.
Fix Text
Set the Internet Printing Extension to “Prohibited”.
Additional Identifiers
Rule ID: SV-38150r1_rule
Vulnerability ID: V-6754
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |