source: http://www.securityfocus.com/bid/189/info Web-based administration for IIS 4.0 is, by default, limited to the local loopback address, 127.0.0.1. In instances where IIS4.0 was installed as an upgrade to IIS 2.0 or 3.0, a legacy ISAPI DLL (ISM.DLL) is left in the /scripts/iisadmin directory. An attacker may call this DLL via the following syntax: http://www.server.com/scripts/iisadmin/ism.dll?http/dir This URL prompts the user for a username/password to access the remote administration console. Although approved access does not permit the user to commit changes to the IIS server, it may allow them to gather sensitive information about the web server and its configuration.
Related ExploitsTrying to match CVEs (1): CVE-1999-1538
Trying to match OSVDBs (1): 273
Other Possible E-DB Search Terms: Microsoft IIS 4 (Windows NT), Microsoft IIS 4, Microsoft IIS