Gain root remotely : IIS ASP ISAPI filter Overflow

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.10935

Categoría: Gain root remotely

Título: IIS ASP ISAPI filter Overflow

Resumen: NOSUMMARY

Descripción: Description:

There's a buffer overflow in the remote web server through
the ASP ISAPI filter.

It is possible to overflow the remote web server and execute
commands as user SYSTEM.

Solution: See http://www.microsoft.com/technet/security/bulletin/ms02-018.mspx
Risk factor : High

Referencia Cruzada: BugTraq ID: 4478
BugTraq ID: 4485
BugTraq ID: 4490
Common Vulnerability Exposure (CVE) ID: CVE-2002-0079
http://www.securityfocus.com/bid/4485
Bugtraq: 20020410 Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow (Google Search)
http://marc.info/?l=bugtraq&m=101846993304518&w=2
http://www.cert.org/advisories/CA-2002-09.html
CERT/CC vulnerability note: VU#610291
http://www.kb.cert.org/vuls/id/610291
Cisco Security Advisory: 20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
Microsoft Security Bulletin: MS02-018
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A25
http://www.iss.net/security_center/static/8795.php
Common Vulnerability Exposure (CVE) ID: CVE-2002-0147
http://www.securityfocus.com/bid/4490
CERT/CC vulnerability note: VU#669779
http://www.kb.cert.org/vuls/id/669779
http://www.osvdb.org/3301
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A22
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A72
http://www.iss.net/security_center/static/8796.php
Common Vulnerability Exposure (CVE) ID: CVE-2002-0149
http://www.securityfocus.com/bid/4478
CERT/CC vulnerability note: VU#721963
http://www.kb.cert.org/vuls/id/721963
http://www.osvdb.org/3320
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A132
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A95
http://www.iss.net/security_center/static/8798.php

Copyright This script is Copyright (C) 2002 Renaud Deraison

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.10935
Categoría:	Gain root remotely
Título:	IIS ASP ISAPI filter Overflow
Resumen:	NOSUMMARY
Descripción:	Description: There's a buffer overflow in the remote web server through the ASP ISAPI filter. It is possible to overflow the remote web server and execute commands as user SYSTEM. Solution: See http://www.microsoft.com/technet/security/bulletin/ms02-018.mspx Risk factor : High
Referencia Cruzada:	BugTraq ID: 4478 BugTraq ID: 4485 BugTraq ID: 4490 Common Vulnerability Exposure (CVE) ID: CVE-2002-0079 http://www.securityfocus.com/bid/4485 Bugtraq: 20020410 Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow (Google Search) http://marc.info/?l=bugtraq&m=101846993304518&w=2 http://www.cert.org/advisories/CA-2002-09.html CERT/CC vulnerability note: VU#610291 http://www.kb.cert.org/vuls/id/610291 Cisco Security Advisory: 20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018 http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml Microsoft Security Bulletin: MS02-018 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A25 http://www.iss.net/security_center/static/8795.php Common Vulnerability Exposure (CVE) ID: CVE-2002-0147 http://www.securityfocus.com/bid/4490 CERT/CC vulnerability note: VU#669779 http://www.kb.cert.org/vuls/id/669779 http://www.osvdb.org/3301 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A22 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A72 http://www.iss.net/security_center/static/8796.php Common Vulnerability Exposure (CVE) ID: CVE-2002-0149 http://www.securityfocus.com/bid/4478 CERT/CC vulnerability note: VU#721963 http://www.kb.cert.org/vuls/id/721963 http://www.osvdb.org/3320 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A132 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A95 http://www.iss.net/security_center/static/8798.php
Copyright	This script is Copyright (C) 2002 Renaud Deraison