Yet Another IIS Hole

eEye: Yet Another IIS Hole.

All versions of Microsoft Internet Information Services: remote buffer overflow (SYSTEM level access).

“Attackers that leverage the vulnerability can, from a remote location, gain full SYSTEM level access to any server that is running a default installation of Windows NT 4.0, Windows 2000, or Windows XP and using Microsoft’s IIS Web server software. With system-level access, an attacker can perform any desired action, including installing and running programs, manipulating Web server databases, adding, changing or deleting files and Web pages, and more…”

Vendor Status:
Microsoft has released a patch for this vulnerability that can be downloaded from: http://www.microsoft.com/technet/security/bulletin/MS01-033.asp “Microsoft strongly urges all web server administrators to apply the patch immediately.”

eEye Digital Security also recommends removing the .ida script mapping (which hands those requests to idq.dll, the Index Server ISAPI extension; the same DLL serves .idq) from your Web server if it does not provide any functionality you actually _need_. With the mapping gone, IIS never passes an .ida request to the vulnerable code and simply answers 404.
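Whether you patch or remove the mapping, it is worth knowing if anyone has already probed the server for this. The following is an added example, not code from eEye or from the original post: it reads IIS W3C Extended log lines and flags requests for an .ida or .idq resource whose query string is abnormally long or consists of a long run of one repeated byte, which is what an overflow attempt against idq.dll looks like in the access log. The log lines, the 200-byte threshold and the 100-byte filler-run heuristic are all assumptions chosen for illustration.

```python
"""Flag .ida/.idq requests that look like overflow attempts in an IIS W3C log.

Added example, not part of the eEye advisory or the original post. Assumes
IIS W3C Extended logging with a '#Fields:' header line. The sample log below
is constructed for illustration, not captured traffic.
"""
import re
from urllib.parse import unquote

# Requests for these extensions are routed to idq.dll via the script mappings.
VULNERABLE_EXTENSIONS = (".ida", ".idq")
# Assumption: legitimate Index Server queries are short; anything this long is suspect.
SUSPICIOUS_QUERY_LEN = 200
# Assumption: a run of 100+ identical bytes is overflow filler, not a real query.
FILLER_RUN = re.compile(r"(.)\1{99,}")

# Constructed sample log. Line 3 carries a 224-byte filler string.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2001-06-19 00:00:00
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2001-06-19 00:01:12 10.0.0.5 GET /default.htm - 200
2001-06-19 00:01:40 10.0.0.7 GET /iisadmin/isadmin.ida - 200
2001-06-19 00:02:03 192.0.2.10 GET /default.ida {filler}=X 200
2001-06-19 00:02:09 192.0.2.10 GET /scripts/root.exe - 404
""".format(filler="N" * 224)


def parse_w3c(text):
    """Yield one dict per log entry, keyed by the names in the #Fields: header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        values = line.split()
        if len(values) != len(fields):
            continue  # skip malformed lines rather than misalign columns
        yield dict(zip(fields, values))


def is_ida_overflow_attempt(entry):
    """True if the entry targets idq.dll with an overlong or filler-only query."""
    stem = entry.get("cs-uri-stem", "").lower()
    query = entry.get("cs-uri-query", "-")
    if not stem.endswith(VULNERABLE_EXTENSIONS):
        return False
    if query == "-":  # W3C logs write '-' for an empty query string
        return False
    decoded = unquote(query)  # judge length after %xx decoding
    return len(decoded) >= SUSPICIOUS_QUERY_LEN or bool(FILLER_RUN.search(decoded))


def find_attempts(text):
    """Return the log entries that match the overflow pattern."""
    return [e for e in parse_w3c(text) if is_ida_overflow_attempt(e)]


if __name__ == "__main__":
    for e in find_attempts(SAMPLE_LOG):
        print(e["date"], e["time"], e["c-ip"], e["cs-uri-stem"], e["sc-status"])
```

Note that the check keys on the request, not on the status code: once the mapping has been removed the same probe is logged with a 404, and you still want to see it. The short, legitimate `/iisadmin/isadmin.ida` request with no query is deliberately left alone.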

[via ZopeNewbies]
