IIS Remote Command Execution Network Vulnerability

Summary

When IIS receives a user request to run a script, it renders the request in a decoded canonical form, then performs security checks on the decoded request. A vulnerability results because a second, superfluous decoding pass is performed after the initial security checks are completed. Thus, a specially crafted request could allow an attacker to execute arbitrary commands on the IIS Server.

Solution

See MS advisory MS01-026(Superseded by ms01-044) See http://www.microsoft.com/technet/security/bulletin/ms01-044.mspx

Severity

Classification

CVE CVE-2001-0333, CVE-2001-0507
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

CoreHTTP CGI Support Remote Command Execution Vulnerability
Apache Multiple Security Vulnerabilities
HP System Management Homepage Multiple Vulnerabilities
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities - (Jan2012)
Serva32 Directory Traversal and Denial of Service Vulnerabilities

Take action and discover your vulnerabilities