WA000-WI080 IIS6 – The IIS Internet Printing Protocol must be disabled.

Details

The use of Internet Printing Protocol (IPP) on an IIS web server allows client’s access to shared printers. This privileged access could allow remote code execution by increasing the web servers attack surface. Additionally, IPP does not support SSL adding to its risk posture.

Solution

Set the Internet Printing Extension to ‘Prohibited’.

Supportive Information

The following resource is also helpful.

http://iasecontent.disa.mil/stigs/zip/July2015/U_IIS_6-0_V6R16_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

800-53|CM-7b.
CAT|II
CSCv6|9.1
Rule-ID|SV-38150r1_rule
STIG-ID|WA000-WI080_IIS6
Vuln-ID|V-6754

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles