Info

Disclosure

Jun 25, 2003

Discovery

May 28, 2003

Dates

Exploit

Jun 25, 2003

Solution

Unknown

Description

Windows Media Services contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to a flaw in the ISAPI (Internet Services Application Programming Interface) extension handling of incoming client requests in the nsiislog.dll file of the Internet Information Services (IIS). With a specially crafted POST request, an attacker may create a denial of service or exexcute arbitrary code.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation

Windows

2000

References

CERT VU: 113716
ISS X-Force ID: 12652
CVE ID: 2003-0349 (see also: NVD)
Related OSVDB ID: 2106
Metasploit ID: 4535
Bugtraq ID: 8035
Microsoft Knowledge Base Article: 822343
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-06/0211.html
Generic Exploit URL: http://immunitysec.com
Keyword: Internet Information Services (IIS)
Microsoft Security Bulletin: MS03-022
CIAC Advisory: n-109

Credit

Brett Moore - brett.mooresecurity-assessment.com - Security Assessment

Direct URL: http://osvdb.org/4535