Microsoft IIS 5.0 Indexed Directory Disclosure Vulnerability

Microsoft has released a knowledge base article detailing solutions for this issue. It is available at the location below:

Microsoft recommends the following:

- If you are not using Index Server (for example, you don't have content on your Web site that you want to have searched), disable or uninstall the service.


- In directories that contain sensitive information, make sure to disable the Index this resource option on the appropriate tab (for example, a virtual directory on the Virtual Directory tab).


Privacy Statement
Copyright 2010, SecurityFocus