Vulnerabilities > CVE-2001-0506 - Unspecified vulnerability in Microsoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | Microsoft IIS 4/5 SSI Buffer Overrun Privelege Elevation. CVE-2001-0506 . Local exploit for windows platform |
id | EDB-ID:21071 |
last seen | 2016-02-02 |
modified | 2001-08-15 |
published | 2001-08-15 |
reporter | Indigo |
source | https://www.exploit-db.com/download/21071/ |
title | Microsoft IIS 4/5 - SSI Buffer Overrun Privelege Elevation |
Nessus
NASL family | Web Servers |
NASL id | IIS_ISAPI_OVERFLOW.NASL |
description | There |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10685 |
published | 2001-06-19 |
reporter | This script is Copyright (C) 2001-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10685 |
title | Microsoft IIS ISAPI Filter Multiple Vulnerabilities (MS01-044) |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/25189/sa2001_06.txt |
id | PACKETSTORM:25189 |
last seen | 2016-12-05 |
published | 2001-08-19 |
reporter | nsfocus.com |
source | https://packetstormsecurity.com/files/25189/sa2001_06.txt.html |
title | sa2001_06.txt |
References
- http://marc.info/?l=bugtraq&m=99802093532233&w=2
- http://marc.info/?l=bugtraq&m=99802093532233&w=2
- http://online.securityfocus.com/archive/1/242541
- http://online.securityfocus.com/archive/1/242541
- http://www.ciac.org/ciac/bulletins/l-132.shtml
- http://www.ciac.org/ciac/bulletins/l-132.shtml
- http://www.securityfocus.com/bid/3190
- http://www.securityfocus.com/bid/3190
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6984
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6984