CVE-2004-1134

Related Files

Microsoft IIS ISAPI w3who.dll Query String Overflow

Posted Nov 26, 2009

Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a stack overflow in the w3who.dll ISAPI application. This vulnerability was discovered Nicolas Gregoire and this code has been successfully tested against Windows 2000 and Windows XP (SP2). When exploiting Windows XP, the payload must call RevertToSelf before it will be able to spawn a command shell.

tags | exploit, overflow, shell

systems | windows

advisories | CVE-2004-1134

SHA-256 | 20dab4e4e251ffcc0767b137171a85e4e58282441f0fc58daff570c8f12e47f8

Download | Favorite | View

iis_w3who_overflow.pm

Posted Jan 12, 2005

Authored by H D Moore | Site metasploit.com

Remote buffer overflow exploit for the w3who.dll in Microsoft Windows 2000. Drops to a command shell.

tags | exploit, remote, overflow, shell

systems | windows

advisories | CVE-2004-1134

SHA-256 | 791c811f7b49febb9fa1bb40a85b1ab1d9f1f2712120f52a797cf5c3770e9942

Download | Favorite | View

Exaprobe Security Advisory 2004-12-06

Posted Dec 12, 2004

Authored by Nicolas Gregoire, Exaprobe | Site exaprobe.com

Exaprobe Security Advisory - The w3who.dll in Windows 2000 is susceptible to multiple cross site scripting attacks and a buffer overflow.

tags | advisory, overflow, xss

systems | windows

advisories | CVE-2004-1133, CVE-2004-1134

SHA-256 | 8ece849689003d2f57457e84d45b0e4e644b9bb92da86652b968cbe2ed278a03

Download | Favorite | View