OSVDB ID: 3323 Title: Microsoft IIS ISAPI .printer Extension Host Header Overflow |
Info |
|
|
Dates |
||||
|
|
Description |
Microsoft IIS contains a flaw that allows a remote attacker to execute arbitrary code on a vulnerable server. The issue is due to the .printer ISAPI (Internet Services Application Programming Interface) Internet Printing Protocol (IPP) filter, handled by \WINNT\System32\msw3prt.dll, containing a buffer overflow. When a buffer of 420 bytes is sent within the HTTP Host: header of a .printer ISAPI request, the buffer is overflowed allowing the attacker to overwrite the EIP register and execute arbitrary code with SYSTEM access. |
Classification |
Location:
Remote / Network Access
Attack Type: Input Manipulation Impact: Loss of Integrity Exploit: Exploit Public, Exploit Commercial Disclosure: OSVDB Verified, Vendor Verified OSVDB: Web Related |
Solution |
Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch (MS01-023) to address this vulnerability. |
Products |
|
References |
|
Credit |
|
eeye.com - eEye Digital Security