Release DateDec 24, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems |
DescriptionThis indicates an attack attempt to exploit a Buffer Overflow vulnerability in Microsoft Internet Information Services.The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. As a result, a remote attacker can exploit this to execute arbitrary code within the context of the application. |
Affected ProductsMicrosoft IIS 5.0Microsoft IIS 4.0 |
Recommended ActionsRefer to the vendor's website for suggested workaround.http://technet.microsoft.com/en-us/security/bulletin/ms02-018 |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2002-0079 |
Reference/shttp://technet.microsoft.com/en-us/security/bulletin/MS02-018.mspx (MS-ID)http://www.securityfocus.com/bid/4485 (BugTraq) |
