|
|
Info |
Last Modified |
| 10 months ago |
|
|
|
|
Description |
A remote overflow exists in IIS Active Server Pages (ASP). IIS fails to allocate the proper size buffer resulting in a heap-based overflow. With a specially crafted request, an attacker can cause either a DoS or execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Confidentiality,
Loss of Integrity,
Loss of Availability
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Technical |
This bug is almost exactly like OSVDB ID#768, except that it is caused by a different component of the ASP data transfer process and does affect IIS version 5.1.
|
|
Solution |
Install Patch Q319733, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s):
1. Disable ASP - Version 1.0 of the IIS Lockdown Tool disables ASP by default, and version 2.1 disables ASP if "Static Web Server" is selected.
2. The URLScan tool can be used to prevent chunked encoding requests.
|
|
Products |
|
IIS
 |
4.0 |
5.0 |
5.1 |
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
