• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• RSS
• News
• Vulns
• Product Search

• info
• discussion
• exploit
• solution
• references

Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability

CORE has developed a working commercial exploit for their IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

Ryan Permeh of eEye Digital Security released the following 'iishack2000.c' exploit.

Wanderley J. Abreu Jr. <storm@unikey.com.br> has provided the following memory leak 'iiswebexplt.pl' exploit.

dark spyrit <dspyrit@beavuh.org> has provided the following 'jill.c' exploit.

Cyrus The Great <cyrusarmy@yahoo.com> has provided the following 'iis5hack.zip' exploit.

The exploits provided may not work on Japanese version of IIS. This does not necessarily mean Japanese IIS is not vulnerable.

An exploit has been released as part of the MetaSploit Framework 2.0.

Exploit code has also been provided by sectroyer <sectroyer@o2.pl>.

Proof of concept iis_printer_bof.c was provided by Daniele Spaccini (styx^) <the.styx@gmail.com>.

• /data/vulnerabilities/exploits/iishack2000.c
• /data/vulnerabilities/exploits/jill.c
• /data/vulnerabilities/exploits/iiswebexplt.pl
• /data/vulnerabilities/exploits/iis5hack.zip
• /data/vulnerabilities/exploits/iis50_printer_overflow.pm
• /data/vulnerabilities/exploits/sol2k.c
• /data/vulnerabilities/exploits/iis_printer_bof.c