Microsoft IIS 4.0 and 5.0 contain a buffer overrun condition in the ISAPI extension that handles .htr files, which allows attackers to crash the service and/or execute arbitrary code on the server. The cause of this vulnerability is a flaw in ism.dll, which handles files with the .htr extension. Microsoft advisory on this vulnerability here.
d27278de1182e49dc003e21db2c36a8adea55112733bdca6d516e9cfd57786bf
A flaw in internal object interaction allows malicious users to bring down Internet Information Server 4.0, 5.0 and 5.1 with FP2002. FrontPage contains URL parsers for dynamic components (shtml.exe/dll). If a malicious user issues a request for /_vti_bin/shtml.exe where the URL for the dynamic contents is replaced with a long URL, the submodule will filter out the URL and return a null value to the web service URL parser, crashing IIS. Microsoft advisory on this vulnerability here.
2c7f22d92ba1efc6894fb32573cb90993ce6539d8792aa6eb6822d2b40b8c827
A vulnerability in the ASP (Active Server Pages) ISAPI filter, loaded by default on all NT4 and Windows 2000 server systems (running IIS), can be exploited to remotely execute code of an attacker's choice. An example which causes an application error is included. Microsoft advisory on this vulnerability here.
4e83e6b8e01187a334ff07545a457cce7fd15e5e451d031b026e792361bb9d42
Microsoft Security Advisory MS02-018 - IIS 4.0, 5.0, and 5.1 contain ten new vulnerabilities, some of which allow remote code execution. Microsoft FAQ on this issue available here.
56ea569316e19654541134d5ca36c500f06a0822f56a57f9452fcb4f23429c0e
Atstake Security Advisory A041002 - IIS for Windows NT 4.0 and 2000 contains a heap overflow in .htr files which results in remote code execution in the IUSR_machine security context. This vulnerability has been verified on IIS 4.0 and 5.0 with SP2 and the latest security patches as of April 1, 2002.
d3c9eff0c4dcc24c4baf63a87290f4596e2768d47502b4211ec6c148b401ddca
The Firewall Tester consists of two Perl scripts, the client part (ftest) and the listening sniffer (ftestd). The client injects custom marked packets, while the sniffer listens for them. Comparing the scripts' log files permits the detection of filtered packets, and consequently of filtering rules, if the two scripts are run on different sides of a firewall. An IDS (Intrusion Detection System) testing feature is also available, and a snort rule definition file can be parsed instead of the standard configuration syntax. ftest can also use common IDS evasion techniques. Stateful inspection firewalls and IDS can be handled by the 'connection spoofing' option. Requires: Net::RawIP, Net::PcapUtils, Net::Packet.
d39186c256dabcb09d9cd1b8421b0520a52fc1c0e2215856e19eea91a5412c06