|
|
Info |
Last Modified |
| 6 months ago |
|
|
|
|
Description |
Microsoft Content Management Server 2001 contains a flaw that may allow a malicious user to upload arbitrary content to the server. The issue exists due to the the fact that CMS 2001 fails to properly authenticate users when using the resource upload script, and fails to sanitize user suplied input on the file name argument, allowing an attacker to upload content to arbitrary locations on the server. It is possible that the flaw may allow remote command execution, resulting in a loss of integrity.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Authentication Management,
Input Manipulation,
Misconfiguration
Impact:
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Technical |
By uploading ASP or other equivalent server side scripting files, a remote attacker may be able to execute arbitrary commands on the server as IWAM_machinename.
|
|
Solution |
The following corrective actions have been reported to fix this vulnerability:
- Apply HotFix discussed in MS02-41
- Apply CMS 2001 Security Rollup 1
- Upgrade to SP2
It is also possible to correct the flaw by implementing the following workaround:
- Disable Web Authoring if not in use.
|
|
Products |
|
Content Management Server
 |
2001 |
2001 SP1 |
|
|
|
|
Credit |
- Joao Gouveia - tharbad
 kaotik.org - Personal Page
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
