Control Scan AKA “PCI ASSURE” is a PCI Scanner used by many Ecommerce Sites. Unfortunately, their scanner can see if it’s a 2003 server; however it’s unable to actually test for these vulnerabilities. That said, here is a common list for a 2003 Web Server and the associated fixes.
Possible Microsoft IIS ASP Upload Command Execution Vulnerability
Risk: High (3)
Port: 443/tcp
Protocol: tcp
Threat ID: web_server_iis_aspbo
Details: ASP Upload Command Execution vulnerability
Solution
screenshot showing KB2124261
Run the following from a command prompt and get a screenshot to send in with your dispute.
wmic qfe | find "2124261"
VNC VNCLog Buffer Overflow
Risk: High (3)
Port: 5900/tcp
Protocol: TCP
Threat ID: misc_vncbo
Details: VNCLog and Log Buffer Overflows
Solution
I actually use UVNC, so clicking on the UVNC icon then “about…” will display the current version. Send a screen shot with your dispute showing that the server is on a version newer than 1.0.1
Possible vulnerability in Microsoft Terminal Server
Risk: High (3)
Port: 3389/tcp
Protocol: TCP
Threat ID: misc_msterminal
Details: RDP Denial of Service
http://support.microsoft.com/kb/899591
Solution
This issue is rolled up into Windows 2003 SP2
Right click “My Computer”, go to properties and get a screenshot showing the service pack. Send this to Control Scan to dispute the threat.
Solution B
You should also enable RDP over SSL with the following steps.
Start / Administrative Tools / Terminal Services Configuration
Right Click on RDP-TCP and choose Properties
Once Properties Pop Up choose the following
Encryption Level High
Select the Certificate
SSL Security Layer
Microsoft Internet Information Services FTP Server Remote Buffer Overflow
THREAT REFERENCE
Summary:
Microsoft Internet Information Services FTP Server Remote Buffer Overflow
Risk: High (3)
Port: 80/tcp
Protocol: tcp
Threat ID: win_patch_iisftpbo
Details: FTP Server Remote Buffer Overflow
Solution
http://support.microsoft.com/kb/975254
Run the following from a command prompt and get a screenshot to send in with your dispute.
wmic qfe | find "975254"
Possible Microsoft IIS ASP Remote Code Execution vulnerability
THREAT REFERENCE
Summary:
Possible Microsoft IIS ASP Remote Code Execution vulnerability
Risk: High (3)
Port: 443/tcp
Protocol: tcp
Threat ID: web_server_iis_asp
Details: ASP Remote Code Execution vulnerability
Solution
http://technet.microsoft.com/en-us/security/bulletin/ms06-034
In other words, this is part of 2003 Service pack 1. Send the screenshot from earlier stating the Service Pack is installed.