New Vulnerability Affects IIS and Cookies; Cross-Site and Local Vulnerabilities
Allen Jones discusses the three most recently discovered vulnerabilities in IIS--malicious users retrieving cookies, the cross-site vulnerability, and a buffer overflow vulnerability.
November 6, 2000
New Vulnerability Affects IIS 5.0, IIS 4.0, and Cookies
On October 27, Microsoft and ACROS Security jointly reported that malicious users could retrieve cookies from IIS 5.0 and IIS 4.0 and, under specific circumstances, use them to hijack an existing user's Web session. Microsoft has released a patch and additional information.
Variant of Cross-Site Vulnerability in IIS 5.0
On October 29, Georgi Guninski reported that malicious users can trick Microsoft Index Server running with IIS 5.0 into sending them users' cookies. Those cookies could contain sensitive information. Microsoft has released a patchfor the Index Server vulnerability along with more information.
IIS 4.0 Buffer Overflow Allows Local Exploit
E-Eye announced a vulnerability over the weekend that describes a situation in which a local user who has the ability to create Active Server Pages (ASP) files could overflow the buffer of IIS's Internet Server API (ISAPI) process. This overflow could give the local user the equivalent of LOCAL SYSTEM access. E-Eye admits that although no known remote exploit for this vulnerability exists, such an exploit is possible. This vulnerability doesn't affect IIS 5.0. At the time of publication, Microsoft had yet to release a patch or an advisory. Click here to read more about the vulnerability.
About the Author
You May Also Like