Nessus Plugin #10671
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
IIS Remote Command Execution
- Family:
- CGI abuses
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2001 Matt Moore / H D Moore
- Summary:
- Determines if arbitrary commands can be executed
- Version:
- $Revision: 1.29 $
- Cve_id:
- CVE-2001-0507, CVE-2001-0333
- Bugtraq_id:
- 2708, 3193
- Xrefs:
- -
- Description:
When IIS receives a user request to run a script, it renders
the request in a decoded canonical form, then performs
security checks on the decoded request. A vulnerability
results because a second, superfluous decoding pass is
performed after the initial security checks are completed.
Thus, a specially crafted request could allow an attacker to
execute arbitrary commands on the IIS Server.
Solution: See MS advisory MS01-026(Superseded by ms01-044)
See http://www.microsoft.com/technet/security/bulletin/ms01-044.mspx
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.