Gain a shell remotely : MCMS : Buffer overflow in Profile Service

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.11313

Category: Gain a shell remotely

Title: MCMS : Buffer overflow in Profile Service

Summary: Checks for the presence of MCMS

Description:

The remote host is running Microsoft Content Management Server.

There is a buffer overflow in the Profile Service which may
allow an attacker to execute arbitrary code on this host.

Solution : See http://www.microsoft.com/technet/security/bulletin/ms02-041.mspx
Risk factor : High

Cross-Ref: BugTraq ID: 4157
BugTraq ID: 4853
BugTraq ID: 5108
BugTraq ID: 5111
BugTraq ID: 5112
Common Vulnerability Exposure (CVE) ID: CVE-2002-0620
Microsoft Security Bulletin: MS02-033
http://www.microsoft.com/technet/security/bulletin/ms02-033.asp
http://www.securityfocus.com/bid/4853
Common Vulnerability Exposure (CVE) ID: CVE-2002-0621
Bugtraq: 20020703 Remotely Exploitable Buffer Overruns in Microsoft's Commerce Server 2000/2 (#NISRNISR03062002) (Google Search)
http://www.iss.net/security_center/static/9424.php
http://www.securityfocus.com/bid/5108
http://www.osvdb.org/5172
Common Vulnerability Exposure (CVE) ID: CVE-2002-0622
http://www.iss.net/security_center/static/9425.php
http://www.securityfocus.com/bid/5111
http://www.osvdb.org/5170
Common Vulnerability Exposure (CVE) ID: CVE-2002-0623
http://www.securityfocus.com/bid/5112
http://www.iss.net/security_center/static/9426.php
http://www.osvdb.org/5163
Common Vulnerability Exposure (CVE) ID: CVE-2002-0050
Microsoft Security Bulletin: MS02-010
http://www.microsoft.com/technet/security/bulletin/ms02-010.asp
http://www.securityfocus.com/bid/4157

Copyright This script is Copyright (C) 2003 Renaud Deraison

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.11313
Category:	Gain a shell remotely
Title:	MCMS : Buffer overflow in Profile Service
Summary:	Checks for the presence of MCMS
Description:	The remote host is running Microsoft Content Management Server. There is a buffer overflow in the Profile Service which may allow an attacker to execute arbitrary code on this host. Solution : See http://www.microsoft.com/technet/security/bulletin/ms02-041.mspx Risk factor : High
Cross-Ref:	BugTraq ID: 4157 BugTraq ID: 4853 BugTraq ID: 5108 BugTraq ID: 5111 BugTraq ID: 5112 Common Vulnerability Exposure (CVE) ID: CVE-2002-0620 Microsoft Security Bulletin: MS02-033 http://www.microsoft.com/technet/security/bulletin/ms02-033.asp http://www.securityfocus.com/bid/4853 Common Vulnerability Exposure (CVE) ID: CVE-2002-0621 Bugtraq: 20020703 Remotely Exploitable Buffer Overruns in Microsoft's Commerce Server 2000/2 (#NISRNISR03062002) (Google Search) http://www.iss.net/security_center/static/9424.php http://www.securityfocus.com/bid/5108 http://www.osvdb.org/5172 Common Vulnerability Exposure (CVE) ID: CVE-2002-0622 http://www.iss.net/security_center/static/9425.php http://www.securityfocus.com/bid/5111 http://www.osvdb.org/5170 Common Vulnerability Exposure (CVE) ID: CVE-2002-0623 http://www.securityfocus.com/bid/5112 http://www.iss.net/security_center/static/9426.php http://www.osvdb.org/5163 Common Vulnerability Exposure (CVE) ID: CVE-2002-0050 Microsoft Security Bulletin: MS02-010 http://www.microsoft.com/technet/security/bulletin/ms02-010.asp http://www.securityfocus.com/bid/4157
Copyright	This script is Copyright (C) 2003 Renaud Deraison