Vulnerabilities > CVE-2003-0822 - Unspecified vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 | |
OS | 5 |
Exploit-Db
description Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow. CVE-2003-0822. Remote exploit for windows platform id EDB-ID:16356 last seen 2016-02-01 modified 2010-07-25 published 2010-07-25 reporter metasploit source https://www.exploit-db.com/download/16356/ title Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow description MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051). CVE-2003-0822. Remote exploit for windows platform id EDB-ID:121 last seen 2016-01-31 modified 2003-11-13 published 2003-11-13 reporter Adik source https://www.exploit-db.com/download/121/ title Microsoft Frontpage Server Extensions fp30reg.dll Exploit MS03-051
Metasploit
description | This is an exploit for the chunked encoding buffer overflow described in MS03-051 and originally reported by Brett Moore. This particular modules works against versions of Windows 2000 between SP0 and SP3. Service Pack 4 fixes the issue. |
id | MSF:EXPLOIT/WINDOWS/ISAPI/MS03_051_FP30REG_CHUNKED |
last seen | 2020-05-23 |
modified | 2017-07-24 |
published | 2010-07-25 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0822 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/isapi/ms03_051_fp30reg_chunked.rb |
title | MS03-051 Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow |
Nessus
NASL family | Web Servers |
NASL id | FRONTPAGE_CHUNKED_OVERFLOW.NASL |
description | The remote Microsoft FrontPage server seems vulnerable to a remote buffer overflow. Exploitation of this bug could give an unauthorized user access to the machine. The following systems are known to be vulnerable: Microsoft Windows 2000 Service Pack 2, Service Pack 3 Microsoft Windows XP, Microsoft Windows XP Service Pack 1 Microsoft Office XP, Microsoft Office XP Service Release 1. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11923 |
published | 2003-11-12 |
reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11923 |
title | Microsoft FrontPage Server Extensions (fp30reg.dll) Debug Function Remote Overflow (MS03-051 / 813360) |
code |
|
Oval
accepted 2011-05-16T04:02:50.513-04:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Shane Shaffer organization G2, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. family windows id oval:org.mitre.oval:def:364 status accepted submitted 2003-12-09T12:00:00.000-04:00 title MS FrontPage Server Extensions Chunked Encoded Request Buffer Overflow (Test 1) version 13 accepted 2011-05-16T04:02:50.905-04:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Jonathan Baker organization The MITRE Corporation name Shane Shaffer organization G2, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
definition_extensions comment Microsoft Windows NT is installed oval oval:org.mitre.oval:def:36 description Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. family windows id oval:org.mitre.oval:def:366 status accepted submitted 2003-12-09T12:00:00.000-04:00 title MS FrontPage Server Extensions Chunked Encoded Request Buffer Overflow (Test 2) version 29 accepted 2011-05-16T04:02:51.402-04:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Shane Shaffer organization G2, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. family windows id oval:org.mitre.oval:def:367 status accepted submitted 2003-12-09T12:00:00.000-04:00 title MS FrontPage Server Extensions Chunked Encoded Request Buffer Overflow (Test 3) version 13 accepted 2008-03-24T04:00:50.398-04:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Jonathan Baker organization The MITRE Corporation name Jonathan Baker organization The MITRE Corporation
definition_extensions comment Microsoft Windows NT is installed oval oval:org.mitre.oval:def:36 description Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. family windows id oval:org.mitre.oval:def:699 status accepted submitted 2003-03-04T12:00:00.000-04:00 title MS FrontPage Server Extensions Chunked Encoded Request Buffer Overflow (Test 4) version 24 accepted 2011-05-16T04:03:25.346-04:00 class vulnerability contributors name Tiffany Bergeron organization The MITRE Corporation name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Anna Min organization BigFix, Inc name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. family windows id oval:org.mitre.oval:def:743 status accepted submitted 2003-03-04T12:00:00.000-04:00 title MS FrontPage Server Extensions Chunked Encoded Request Buffer Overflow (Test 5) version 12
Packetstorm
data source https://packetstormsecurity.com/files/download/82983/fp30reg_chunked.rb.txt id PACKETSTORM:82983 last seen 2016-12-05 published 2009-11-26 reporter H D Moore source https://packetstormsecurity.com/files/82983/Microsoft-IIS-ISAPI-FrontPage-fp30reg.dll-Chunked-Overflow.html title Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow data source https://packetstormsecurity.com/files/download/92138/ms03_051_fp30reg_chunked.rb.txt id PACKETSTORM:92138 last seen 2016-12-05 published 2010-07-26 reporter H D Moore source https://packetstormsecurity.com/files/92138/Microsoft-IIS-ISAPI-FrontPage-fp30reg.dll-Chunked-Overflow.html title Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow
Saint
bid | 9007 |
description | FrontPage fp30reg.dll remote debug buffer overflow |
id | web_cms_fp_remotedebug |
osvdb | 2952 |
title | frontpage_remote_debug |
type | remote |
Seebug
bulletinFamily | exploit |
description | <p><strong>漏洞描述:</strong></p><p>Microsoft FrontPage服务器扩展是Microsoft公司开发的用于加强IIS Web服务器的功能的软件包。Microsoft FrontPage Server Extensions存在两个新的安全漏洞,可导致远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以FrontPage进程权限在系统上执行任意指令。 第一个漏洞是由于FrontPage服务扩展的远程调试功能上存在缓冲区溢出,这个功能用于用户远程连接FrontPage服务扩展的服务器和远程调试内容使用,如Visual Interdev。攻击者成功利用这个漏洞可以以本地SYSTEM权限在系统上执行任意指令,然后在系统上执行任意操作,如安装程序,查看更改或删除数据,建立拥有全部权限的帐户等。 第二个漏洞存在与SmartHTML解析器中,提供对WEB表单和其他基于FrontPage动态内容的支持,攻击者利用这个漏洞可以使运行FrontPage服务扩展的服务器临时停止对正常请求的响应。</p><p><strong>漏洞影响:</strong></p><p>受影响的系统:</p><p> •Microsoft Windows 2000 Service Pack 2, Service Pack 3</p><p>•Microsoft Windows XP, Microsoft Windows XP Service Pack 1</p><p>•Microsoft Windows XP 64-Bit Edition, Microsoft Windows XP 64-Bit Edition Service Pack 1</p><p>•Microsoft Office XP, Microsoft Office XP Service Pack 1, Service Pack 2</p><p>•Microsoft Office 2000 Server Extensions</p><p>不受影响的系统: </p><p>•Microsoft Windows Millennium Edition </p><p>•Microsoft Windows NT Workstation 4.0, Service Pack 6a </p><p>•Microsoft Windows NT Server 4.0, Service Pack 6a </p><p>•Microsoft Windows NT Server 4.0, Terminal Server Edition, Service Pack 6 </p><p>•Microsoft Windows 2000 Service Pack 4 </p><p>•Microsoft Windows XP 64-Bit Edition Version 2003 </p><p>•Microsoft Windows Server 2003 (Windows SharePoint Services) </p><p>•Microsoft Windows Server 2003 64-Bit Edition (Windows SharePoint Services)</p><p>•Microsoft Office System 2003 </p><p>Affected Components: </p><p>•Microsoft FrontPage Server Extensions 2000 (For Windows NT4) and Microsoft Office 2000 Server Extensions (Shipped with Office 2000)</p><p>•Microsoft FrontPage Server Extensions 2000 (Shipped with Windows 2000)</p><p>•Microsoft FrontPage Server Extensions 2000 (Shipped with Windows XP) </p><p>•Microsoft FrontPage Server Extensions 2000 64-bit (Shipped with Windows XP 64-bit)</p><p>•Microsoft FrontPage Server Extensions 2002 </p><p>•Microsoft SharePoint Team Services 2002 (Shipped with Office XP)</p><p><strong>CVE-ID:CVE-2003-0822,CVE-2003-0824 </strong></p><p><strong>CNNVD-ID:CNNVD-200312-061,CNNVD-200312-053</strong></p><p><strong>CNVD-ID:CNVD-2003-3292</strong> </p><p><strong></strong> </p><p><strong>解决方案:</strong></p><p>Microsoft </p><p>--------- </p><p>Microsoft已经为此发布了一个安全公告(MS03-051)以及相应补丁:</p><p>MS03-051:Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360)链接:<a href="http://www.microsoft.com/technet/security/bulletin/MS03-051.asp">http://www.microsoft.com/technet/security/bulletin/MS03-051.asp</a></p><p>补丁下载:Microsoft FrontPage Server Extensions 2000 <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=C84C3D10-A821-4819-BF58-D3BC70A77BFA&displaylang=en">http://www.microsoft.com/downloads/details.aspx?FamilyId=C84C3D10-A821-4819-BF58-D3BC70A77BFA&displaylang=en</a> </p><p>Microsoft FrontPage Server Extensions 2000 (Shipped with Windows 2000) <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=057D5F0E-0E2B-47D2-9F0F-3B15DD8622A2&displaylang=en">http://www.microsoft.com/downloads/details.aspx?FamilyId=057D5F0E-0E2B-47D2-9F0F-3B15DD8622A2&displaylang=en</a> </p><p>Microsoft FrontPage Server Extensions 2000 (Shipped with Windows XP) <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=9B302532-BFAB-489B-82DC-ED1E49A16E1C&displaylang=en">http://www.microsoft.com/downloads/details.aspx?FamilyId=9B302532-BFAB-489B-82DC-ED1E49A16E1C&displaylang=en</a> </p><p>Microsoft FrontPage Server Extensions 2002 <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=3E8A21D9-708E-4E69-8299-86C49321EE25&displaylang=en">http://www.microsoft.com/downloads/details.aspx?FamilyId=3E8A21D9-708E-4E69-8299-86C49321EE25&displaylang=en</a> </p><p>Microsoft SharePoint Team Services 2002 (shipped with Office XP) <a href="http://www.microsoft.com/downloads/details.aspx?FamilyId=5923FC2F-D786-4E32-8F15-36A1C9E0A340&displaylang=en">http://www.microsoft.com/downloads/details.aspx?FamilyId=5923FC2F-D786-4E32-8F15-36A1C9E0A340&displaylang=en</a></p> |
id | SSV:13803 |
last seen | 2017-11-19 |
modified | 2003-11-13 |
published | 2003-11-13 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-13803 |
title | MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051) |
References
- http://marc.info/?l=bugtraq&m=106865318904055&w=2
- http://marc.info/?l=ntbugtraq&m=106862654906759&w=2
- http://secunia.com/advisories/10195
- http://www.kb.cert.org/vuls/id/279156
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-051
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13674
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A364
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A366
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A367
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A699
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A743