OSVDB ID: 2952

Title: Microsoft FrontPage Server Extensions (fp30reg.dll) Debug Function Chunked Encoded Request Remote Overflow

Info

Disclosure

Nov 11, 2003

Discovery

Unknown

Dates

Exploit

Nov 13, 2003

Solution

Unknown

Description

A remote overflow exists in Microsoft Frontpage Server Extensions (FPSE). The fp30reg.dll library fails to handle crafted chunked encoded data resulting in a boundary overflow. With a specially crafted request, an attacker can potentially execute arbitrary code with the same privileges as the web server.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Frontpage Server Extensions	2000
	Frontpage Server Extensions	2002
	SharePoint Team Services	2002
	Windows	2000 Advanced Server
		2000 Datacenter Server
		2000 Professional
		2000 Server
		XP

References

Secunia Advisory ID: 10195
Milw0rm: 121
Exploit Database: 121
ISS X-Force ID: 13674
CVE ID: 2003-0822 (see also: NVD)
CERT VU: 279156
Related OSVDB ID: 2800
Metasploit ID: 2952
SCIP VulDB ID: 386
Microsoft Knowledge Base Article: 810217
Bugtraq ID: 9007
Generic Exploit URL: http://immunitysec.com
http://packetstormsecurity.org/0311-exploits/fp30reg.c
http://www.saintcorporation.com/cgi-bin/exploit_info/frontpage_remote_debug
Microsoft Security Bulletin: MS03-051
CIAC Advisory: o-024

Credit

Brett Moore - brett.mooresecurity-assessment.com - Security Assessment

Direct URL: http://osvdb.org/2952

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Frontpage Server Extensions

SharePoint Team Services

Windows

References

Credit