Magnus
Administrator
Ad astra per aspera.
Posts: 4082
|
 |
IIS Buffer Overflow Vulnerability
« on: Apr 11th, 2002, 3:37pm » |
 Quote  Modify
|
This is from eEye's advisory which was posted on Bugtraq:
Quote:
Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow
Release Date:
00/00/2002
Severity:
High (Remote code execution)
IWAM_MACHINE Privilege Level
Systems Affected:
Microsoft Windows NT 4.0 Internet Information Services 4.0
Microsoft Windows 2000 Internet Information Services 5.0
Description:
A vulnerability in the ASP (Active Server Pages) ISAPI filter, loaded by
default on all NT4 and Windows 2000 server systems (running IIS), can be
exploited to remotely execute code of an attackers choice. The fault lies
within the decoding and interpretation of form data received by malicious
clients. By chunk encoding form data we can force IIS to overwrite 4 bytes
of arbitrary memory with data we supply.
This is a very serious vulnerability and eEye suggests that administrators
install the Microsoft supplied patch as soon as possible.
|
|
Microsoft has released a security bulletin and patch:
http://www.microsoft.com/technet/security/bulletin/MS02-018.asp
|
Mischel Internet Security Forum
Reply
Notify of replies
Send Topic
Print
Author
IP Logged
Search
Members
Login
Register