Vulnerabilities > CVE-2002-0071 - Buffer Overflow vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Nessus
NASL family Web Servers NASL id IIS_HTR_ISAPI.NASL description The IIS server appears to have the .HTR ISAPI filter mapped. At least one remote vulnerability has been discovered for the .HTR filter. This is detailed in Microsoft Advisory MS02-018, and gives remote SYSTEM level access to the web server. It is recommended that, even if you have patched this vulnerability, you unmap the .HTR extension and any other unused ISAPI extensions if they are not required for the operation of your site. last seen 2020-06-01 modified 2020-06-02 plugin id 10932 published 2002-04-10 reporter This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/10932 title Microsoft IIS .HTR ISAPI Filter Enabled NASL family Windows : Microsoft Bulletins NASL id SMB_NT_MS02-018.NASL description The remote version of Windows contains multiple flaws in the Internet Information Service (IIS), such as heap overflow, DoS, and XSS that could allow an attacker to execute arbitrary code on the remote host with SYSTEM privileges. last seen 2020-06-01 modified 2020-06-02 plugin id 10943 published 2002-04-23 reporter This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/10943 title MS02-018: Cumulative Patch for Internet Information Services (327696) NASL family Web Servers NASL id IIS_HTR_OVERFLOW.NASL description The remote server is vulnerable to a buffer overflow in the .HTR filter. An attacker may use this flaw to execute arbitrary code on this host (although the exploitation of this flaw is considered difficult). last seen 2020-06-01 modified 2020-06-02 plugin id 11028 published 2002-06-13 reporter This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/11028 title Microsoft IIS .HTR Filter Multiple Overflows (MS02-028)
Oval
accepted 2010-12-20T04:00:31.897-05:00 class vulnerability contributors name Tiffany Bergeron organization The MITRE Corporation name Glenn Strickland organization Secure Elements, Inc. name Shane Shaffer organization G2, Inc. name Josh Turpin organization Symantec Corporation name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. family windows id oval:org.mitre.oval:def:130 status deprecated submitted 2004-01-14T12:00:00.000-04:00 title DEPRECATED: Windows 2000 HTR ISAPI Buffer Overflow version 33 accepted 2007-05-23T15:05:46.010-04:00 class vulnerability contributors name Tiffany Bergeron organization The MITRE Corporation name Glenn Strickland organization Secure Elements, Inc. name Josh Turpin organization Symantec Corporation
description Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. family windows id oval:org.mitre.oval:def:45 status deprecated submitted 2004-01-14T12:00:00.000-04:00 title DEPRECATED: Windows NT HTR ISAPI Buffer Overflow version 29
References
- http://marc.info/?l=bugtraq&m=101854087828265&w=2
- http://www.atstake.com/research/advisories/2002/a041002-1.txt
- http://www.cert.org/advisories/CA-2002-09.html
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
- http://www.iss.net/security_center/static/8799.php
- http://www.kb.cert.org/vuls/id/363715
- http://www.osvdb.org/3325
- http://www.securityfocus.com/bid/4474
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A130
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A45