Info

Disclosure

Jun 25, 2001

Discovery

Apr 13, 2001

Dates

Exploit

Jun 25, 2001

Solution

Unknown

Description

Microsoft Front Page Server Extensions (FPSE), included in IIS Web Server, contain a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to a sub-component in FPSE called Visual Studio Remote Application Deployment (RAD) which allows Visual InterDev users to register and un-register programming components on the IIS server. The sub-component contains an unchecked buffer that may allow an attacker to execute arbitrary code with IUSR_Machine privileges.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Microsoft has released a patch to address this vulnerability. It is also possible to correct the flaw by implementing the following workarounds: Delete or prevent access to fp30reg.dll and fp4areg.dll

Products

Microsoft Corporation	Frontpage Server Extensions	2000
	IIS	4.0
		5.0

References

CVE ID: 2001-0341 (see also: NVD)
Bugtraq ID: 2906
ISS X-Force ID: 6730
Keyword: fp30reg.dll fp4areg.dll FPSE IIS Remote Application Deployment
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-06/0327.html
Generic Informational URL: http://www.microsoft.com/technet/security/bulletin/MS01-035.asp
http://www.whitehats.com/info/IDS555
Microsoft Security Bulletin: MS01-035

Credit

NSFocus Security Team - securitynsfocus.com - NSFocus Security

Direct URL: http://osvdb.org/577

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Frontpage Server Extensions

IIS

References

Credit