Intrusion Prevention

MS.IIS.Cpshost.DLL.Access

Description

This indicates a file upload vulnerability in Microsoft Internet Information Server (IIS).

Some versions of IIS include the file that allows remote users to upload content to the web server. These uploads can include scripts or executables that could allow an attacker to execute hostile content.

Affected Products

Any unprotected IIS that includes cpshost.dll is vulnerable to the attack.

Impact

Attackers can upload and execute potentially malicious files on victim system.

Recommended Actions

Remove the cpshost.dll if it is not used.

Block the remote access to the cpshost.dll file.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2024-09-02	28.856	Modified	Name:MS. IIS. Cpshost. Dll. Access:MS. IIS. Cpshost. DLL. Access

ID	12439
Created	Sep 11, 2006
Updated	Aug 29, 2024
Risk
Default Action	drop
Active
Affected OS	Windows
Affected App	IIS
Profile Type	Permission/Privilege/Access Control

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

MS.IIS.Cpshost.DLL.Access

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

MS.IIS.Cpshost.DLL.Access

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Threat Intelligence
Center