Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:967 |
Message | WEB-FRONTPAGE dvwssr.dll access |
Summary | dvwssr.dll is a component installed with Windows NT Option Pack 4.0, Personal Web Server for Windows 95 and 98 and Front Page 98 Server Extensions. This component is vulnerable to a buffer overflow which may allow for the execution of arbitrary code that would run in the context of the system account. |
Impact | Serious. Execution of arbitrary code and Denial of Service (DoS). |
Detailed Information | As with an abundance of other exploits related to Microsoft's Internet Information Services and web server based implementations, it is possible for an attacker to run code of choice against the vulnerable web server. It is also possible to use this exploit to stop the remote server from responding which would result in a DoS. |
Affected Systems | |
Attack Scenarios | |
Ease of Attack | This attack would require for both the dvwssr.dll file to reside on the web server and for the correct permissions to be in place in order for the attack to be successful. Using a script to send continued requests for the file dvwssr.dll would make a denial of service attack fairly easy. |
Corrective Action | Remove dvwssr.dll from the web server and test all necessary functionality. See additional references for more information. |
Additional References | Security Focus BugTraq ID http://www.securityfocus.com/bid/1109 CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0260 Microsoft ms00-025 http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms00-025.asp |
Rule References | arachnids: 271 bugtraq: 1108 bugtraq: 1109 cve: 2000-0260 nessus: 10369 url: www.microsoft.com/technet/security/bulletin/ms00-025.mspx |
--
DID:624097
--
http://www.aanval.com/