IIS Phone Book Service exploit v1.62 Vulnerability exploited: CVE-2000-1089 - BID-2048 Category: Exploits/Remote Abuses a buffer overflow condition in Microsoft's Phone Book Service, an optional component of Microsoft's Internet Information Services server. After successful exploitation a level0 agent will be installed. The process being exploited is usually run as an IUSR or IWAM user, specially created for IIS to answer anonymous requests. Supported Systems: Windows NT4 Server - sp6 (i386) Windows NT4 Server - sp6a (i386) Windows NT4 Enterprise Server - sp6 (i386) Windows NT4 Enterprise Server - sp6a (i386) Windows 2000 Server - sp0 (i386) Windows 2000 Server - sp1 (i386) Windows 2000 Advanced Server - sp0 (i386) Windows 2000 Advanced Server - sp1 (i386) This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.