| VID | 12050 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | WWW |
| Detailed Description |
The IIS Web Server is vulnerable to a buffer overflow vulnerability (MS99-019). IIS version 4.0 installations without the patch described in MS99-019 contain a buffer overflow vulnerability in the way that .HTR, .STM, and .IDC files are processed. IIS version 4.0 can perform various server-side processing with specific file types: requests for files ending with the .HTR, .STM, and .IDC extensions are passed to the appropriate external DLL for processing. This vulnerability allows remote attackers to execute arbitrary code with the privileges of the IIS server. Additionally, attackers can use this vulnerability to crash vulnerable IIS processes.
* Note: The IIS Web Server may be crashed by this check. Therefore restarting the service is required in order to regain normal functionality.
* References:
  * http://www.microsoft.com/technet/security/bulletin/ms99-019.asp
  * http://www.cert.org/advisories/CA-1999-07.html
  * http://www.eeye.com/html/Research/Advisories/AD19990608.html
  * http://ciac.llnl.gov/ciac/bulletins/j-048.shtml
  * http://support.microsoft.com/default.aspx?scid=kb;[LN];234905
  * http://www.iss.net/security_center/alerts/advise28.php
  * http://www.nipc.gov/warnings/advisories/1999/99-015_1.htm
* Platforms Affected: Microsoft IIS 4.0, Windows NT 4.0, Windows NT Any version |
| Recommendation |
Obtain and install the latest service pack for Windows NT. For information on obtaining the latest service pack, please go to: http://www.microsoft.com/windows/servicepacks/
As a workaround, additional steps can be used to prevent issues similar to this one from impacting any Microsoft IIS 4.0 computer. Selecting "Check if file Exists" in the script application mappings section of the ISM forces IIS 4.0 to check if the requested script exists or if the user has permission to the requested script. If not, the appropriate warning message is returned to the browser and the script engine is not invoked.
To select "Check if file Exists", perform the following steps:
1. In Internet Service Manager (ISM), double-click "Internet Information Server".
2. Right-click the computer name and then click "Properties" on the menu that appears.
3. In the "Master Properties" drop-down box, click "WWW Service", and then click "Edit".
4. Click the "Home Directory" tab and then click "Configuration".
5. Double-click the line in the extension mappings that contains ".HTR".
6. Select the "Check if file exists" check box.
7. Repeat these steps for STM and IDC application mappings.
8. Close the ISM. |
| Related URL | (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |