|
|
Info |
Last Modified |
| 7 months ago |
|
|
|
|
Description |
Windows Media Services contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to a flaw in the ISAPI (Internet Services Application Programming Interface) extension handling of incoming client requests in the nsiislog.dll file of the Internet Information Services (IIS). With a specially crafted POST request, an attacker may create a denial of service or exexcute arbitrary code.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Solution |
Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.
|
|
Products |
|
Windows
 |
2000 |
|
|
|
|
|
|
|
Credit |
- Brett Moore - brett.moore
security-assessment.com - Security Assessment
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|