Vulnerabilities > CVE-2002-1182 - Unspecified vulnerability in Microsoft Internet Information Services 5.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS02-018.NASL |
| description | The remote version of Windows contains multiple flaws in the Internet Information Service (IIS), such as heap overflow, DoS, and XSS that could allow an attacker to execute arbitrary code on the remote host with SYSTEM privileges. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10943 |
| published | 2002-04-23 |
| reporter | This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/10943 |
| title | MS02-018: Cumulative Patch for Internet Information Services (327696) |
Oval
accepted 2007-08-02T14:47:14.777-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc.
description IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned. family windows id oval:org.mitre.oval:def:1009 status accepted submitted 2004-05-19T12:00:00.000-04:00 title Windows XP IIS5 WebDAV Denial of Service version 28 accepted 2005-02-16T12:00:00.000-04:00 class vulnerability contributors name Christine Walzer organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation
description IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned. family windows id oval:org.mitre.oval:def:1011 status accepted submitted 2004-05-12T12:00:00.000-04:00 title Windows 2000 IIS5 WebDAV Denial of Service version 65
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0048.html
- http://www.ciac.org/ciac/bulletins/n-011.shtml
- http://www.nextgenss.com/advisories/ms-iisdos.txt
- http://www.nextgenss.com/vna/ms-iisdos.txt
- http://www.securityfocus.com/bid/4846
- http://www.securityfocus.com/bid/6068
- http://www.securityfocus.com/bid/6070
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10184
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10503
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1009
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1011