CVE reference in iis_isapi_overflow.nasl

From: Paul Johnston (paulat_private)
Date: Tue Apr 22 2003 - 04:40:45 PDT

  • Next message: Michel Arboi: "Xeneo web server DoS"

    Hi,
    
    I'm not sure, but I think the CVE reference in this plugin (id 10685) is 
    incorrect. It references
    
    CVE-2001-0508
    Vulnerability in IIS 5.0 allows remote attackers to cause a denial of 
    service (restart) via a long, invalid WebDAV request.
    
    This doesn't seem to match the test that the plugin is doing. Having 
    looked around, this looks like the best match:
    
    CVE-2001-0500
    Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and 
    Indexing Service 2000 in IIS 6.0 beta and earlier allows remote 
    attackers to execute arbitrary commands via a long argument to Internet 
    Data Administration (.ida) and Internet Data Query (.idq) files such as 
    default.ida, as commonly exploited by Code Red.
    
    Have I got the wrong end of the stick?
    
    Paul
    
    -- 
    Paul Johnston
    Internet Security Specialist
    Westpoint Limited
    Albion Wharf, 19 Albion Street,
    Manchester, M1 5LN
    England
    Tel: +44 (0)161 237 1028
    Fax: +44 (0)161 237 1031
    email: paulat_private
    web: www.westpoint.ltd.uk
    



    This archive was generated by hypermail 2b30 : Tue Apr 22 2003 - 04:42:19 PDT