I have a site running windows 2003 server, to which port 80 is open. I'm getting this failing rating from security compliance. the following is the patches they want. I installed them and still get non compliance.
Description: vulnerable Microsoft.NET Framework version: 1.1.4322 site &ipaddress Windows Server 2003Feb 10 16:28:55 2011newSeverity: Area of Concern CVE: CVE-2007-0041 CVE-2007-0042 CVE-2007-0043 9.32352new11Impact: On a workstation, a remote attacker could execute arbitrary commands when a user opens a specially crafted web page. On a server, a remote attacker could gain unauthorized access to configuration files. Background: The .NET Framework is a programming model for building Windows applications. Resolution Install the patch referenced in Microsoft Security Bulletins [http://www.microsoft.com/technet/securi
10-041 and [http://www.microsoft.com/technet/securi
10-060. Vulnerability Details: Service: http Received: X-AspNet-Version: 1.1.4322