Revision Date: | 2011-02-21 | Version: | 21 |
Title: | Buffer overrun in Chunked Encoding mechanism |
Description: | Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code. |
Family: | windows | Class: | vulnerability |
Status: | ACCEPTED | Reference(s): | CVE-2002-0079
|
Platform(s): | Microsoft Windows 2000 Microsoft Windows NT
| Product(s): | Microsoft Internet Information Server (IIS)
|
Definition Synopsis |
vulnerable IIS 4.0 on Windows NT Microsoft Windows NT is installed
AND Microsoft IIS 4.0 is installed
AND the version of w3svc.dll is less than 4.2.775.1
AND FTP Enabled
OR vulnerable IIS 5.0 on Windows 2000
Microsoft Windows 2000 is installed
AND Microsoft IIS 5.0 is installed
AND the version of w3svc.dll is less than 5.0.2195.5269
AND FTP Enabled
|