2952 : Microsoft FrontPage Server Extensions (fp30reg.dll) Debug Function Chunked Encoded Request Remote Overflow
Printer | http://osvdb.org/2952 | Email This | Edit Vulnerability

Views This Week	Views All Time	Added to OSVDB	Last Modified	Modified (since 2008)	Percent Complete
10	1515	over 8 years ago	about 1 year ago	12 times	90%

Timeline

Disclosure Date	Exploit Publish Date
2003-11-11	2003-11-13

Description

A remote overflow exists in Microsoft Frontpage Server Extensions (FPSE). The fp30reg.dll library fails to handle crafted chunked encoded data resulting in a boundary overflow. With a specially crafted request, an attacker can potentially execute arbitrary code with the same privileges as the web server.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows	2000 Advanced Server
		2000 Datacenter Server
		2000 Professional
		2000 Server
		XP
	Frontpage Server Extensions	2000
	Frontpage Server Extensions	2002
	SharePoint Team Services	2002

References

Secunia Advisory ID: 10195
Milw0rm: 121
Exploit Database: 121
ISS X-Force ID: 13674
CVE ID: 2003-0822 (see also: NVD)
CERT VU: 279156
Related OSVDB ID: 2800
Metasploit ID: 2952
SCIP VulDB ID: 386
Microsoft Knowledge Base Article: 810217
Bugtraq ID: 9007
Generic Exploit URL: http://immunitysec.com
http://packetstormsecurity.org/0311-exploits/fp30reg.c
http://www.saintcorporation.com/cgi-bin/exploit_info/frontpage_remote_debug
Microsoft Security Bulletin: MS03-051
CIAC Advisory: o-024

Tools & Filters

	11923
Snort	1248
	2180

Credit

Brett Moore - brett.mooresecurity-assessment.com - Security Assessment

CVSSv2 Score

CVSSv2 Base Score = 7.5
Source: nvd.nist.gov | Generated: 2003-12-31 | Disagree?

Blogs

This product uses the Daylife API but is not endorsed or certified by Daylife.

This section lists the latest news and blogs found via the daylife API (and for older items, the technorati API), which mention or otherwise discuss this vulnerability.

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.