Oval Definition:oval:org.mitre.oval:def:12501
Revision Date:2011-02-21Version:21
Title:Buffer overrun in Chunked Encoding mechanism
Description:Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2002-0079
Platform(s):Microsoft Windows 2000
Microsoft Windows NT
Product(s):Microsoft Internet Information Server (IIS)
Definition Synopsis
  • vulnerable IIS 4.0 on Windows NT
  • Microsoft Windows NT is installed
  • AND Microsoft IIS 4.0 is installed
  • AND the version of w3svc.dll is less than 4.2.775.1
  • AND FTP Enabled
  • OR vulnerable IIS 5.0 on Windows 2000
  • Microsoft Windows 2000 is installed
  • AND Microsoft IIS 5.0 is installed
  • AND the version of w3svc.dll is less than 5.0.2195.5269
  • AND FTP Enabled
  • BACK