Code: p1137 Severity: Warning
Description: This event is generated when an attempt is made to request an HTTP-based password change. Impact: Information gathering/remote access. Error messages from failed password changes can indicate whether a given account exists on the server. Successful password changes can allow remote access to the server. Corrective: Upgrade to a more current version of ISS. Consider running the IIS Lockdown Tool to disable unnecessary functionality.
|
