PROBLEM
Security vulnerability in ArcGIS Server 10 Image Service file resource
Description
Publishing an ArcGIS Server 10 Image Service that uses a Mosaic Dataset can expose a security vulnerability.
Cause
This vulnerability is in ArcGIS Server 10 Image Services that use a Mosaic Dataset.
Solution or Workaround
Download and apply the ArcGIS 10.0 SP2 (Server) Image Service file resource security Patch to resolve this security vulnerability.If this patch cannot be installed, disable Image Service Download capability. The instructions provided below describe how to disable the Image Service Download capability.
1. Verify that ArcGIS Server service pack 10.0 SP1 or higher is installed.
2. Make an administrative connection to ArcGIS Server using ArcCatalog or ArcGIS Server Manager.
3. Stop the image service that is using a mosaic dataset.
4. In Service Properties, under the Capabilities tab, uncheck the option "Download".
5. Save the settings and restart the Service
6. Repeat the steps 2-5 for all image services with Mosaic Datasets that have the Download capability enabled.
7. Login to the REST API administrator and clear the REST cache.
2. Make an administrative connection to ArcGIS Server using ArcCatalog or ArcGIS Server Manager.
3. Stop the image service that is using a mosaic dataset.
4. In Service Properties, under the Capabilities tab, uncheck the option "Download".
5. Save the settings and restart the Service
6. Repeat the steps 2-5 for all image services with Mosaic Datasets that have the Download capability enabled.
7. Login to the REST API administrator and clear the REST cache.
Article ID:000011296
Software:
- ArcGIS Server
Get help from ArcGIS experts
Download the Esri Support App
Discover more on this topic
Search for related information
Find training related to this topic
Explore ideas and give feedback