Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running.Referenceshttp://www.securityfocus.com/bid/3888https://exchange.xforce.ibmcloud.com/vulnerabilities/7919http://online.securityfocus.com/archive/1/250591
