Hi. I signed up for the trial PCI scan and got flagged with the following high level vulnerability
Microsoft ASP.NET MS-DOS Device Name DoS 80 / tcp / www
CVE-2007-2897
However when I started Googling it appears that this is only relevant if you are running IIS6 on Windows 2003.
Our website runs on Win 2012 and IIS8
I’ve had a trial scan from another company that hasn’t flagged this up
It’s possible the internet posts and other company are wrong though. Has anyone else come across this?
thanks