about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive Talk

exploits , vulnerabilities , articles , Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability


Title Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability
Published 2001-05-01-12:00AM
Updated 2005-02-07-09:07PM
Class Boundary Condition Error
CVE   CVE-2001-0241
Remote  Yes
Local  No
Credit  Discovered by Riley Hassel of eEye Digital Security and posted in a Microsoft Security Bulletin MS01-023 on May 1, 2001.
Vulnerable  Microsoft IIS 5.0
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Server
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server SP2
Not Vulnerable  
Code   CORE has developed a working commercial exploit for their IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

Ryan Permeh of eEye Digital Security released the following 'iishack2000.c' exploit.

Wanderley J. Abreu Jr. <storm@unikey.com.br> has provided the following memory leak 'iiswebexplt.pl' exploit.

dark spyrit <dspyrit@beavuh.org> has provided the following 'jill.c' exploit.

Cyrus The Great <cyrusarmy@yahoo.com> has provided the following 'iis5hack.zip' exploit.

The exploits provided may not work on Japanese version of IIS. This does not necessarily mean Japanese IIS is not vulnerable.

An exploit has been released as part of the MetaSploit Framework 2.0.

Exploit code has also been provided by sectroyer <sectroyer@o2.pl>.

Proof of concept iis_printer_bof.c was provided by Daniele Spaccini (styx^) <the.styx@gmail.com>. /data/vulnerabilities/exploits/iishack2000.c /data/vulnerabilities/exploits/jill.c /data/vulnerabilities/exploits/iiswebexplt.pl /data/vulnerabilities/exploits/iis5hack.zip /data/vulnerabilities/exploits/iis50_printer_overflow.pm /data/vulnerabilities/exploits/sol2k.c /data/vulnerabilities/exploits/iis_printer_bof.c
TXT  t3xt 1t!


Advertising

Copyright 2007, SecurityDot
Tue, 02 Dec 2008 21:45:01 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
news for c Sexy actre Www vedu s t513t [evilhost] indian sex Www xxxtv VBulletin+ Rape www.sex.lk news for c www.89six. news for c downlaod o A small gi news for c Www xxxtv WWW.SEKS F t513t www.xxx.co Www.bigboo indianscho flashchat. FREE SEX V news for c for sxey xxx indian sxeygirls. Www.Sexygi for sxey Street fig Linux 2.6. for sxey www.xxxl.c news for c linux 2.6. t768t t768t Yuo.tube.c news for c p-news p-news free anima saxi image realvnc 4. WWW AREBSE Yuo.tube.c XXX BACKGR www.asspor news for c