Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2000 Roelof TemminghOPENVAS:136141256231010357
HistoryNov 03, 2005 - 12:00 a.m.

Microsoft RDS / MDAC Vulnerability (MS99-025, msadcs.dll) - Active Check

2005-11-0300:00:00
Copyright (C) 2000 Roelof Temmingh
plugins.openvas.org
30

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.683 Medium

EPSS

Percentile

98.0%

JSON

The web server is probably susceptible to a common IIS vulnerability discovered by

# SPDX-FileCopyrightText: 2000 Roelof Temmingh
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:microsoft:internet_information_services";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.10357");
  script_version("2023-10-10T05:05:41+0000");
  script_tag(name:"last_modification", value:"2023-10-10 05:05:41 +0000 (Tue, 10 Oct 2023)");
  script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/529");
  script_xref(name:"IAVA", value:"1999-a-0010");
  script_xref(name:"IAVA", value:"1999-t-0003");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cve_id("CVE-1999-1011");
  script_name("Microsoft RDS / MDAC Vulnerability (MS99-025, msadcs.dll) - Active Check");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2000 Roelof Temmingh");
  script_family("Web Servers");
  script_dependencies("gb_microsoft_iis_http_detect.nasl");
  script_require_ports("Services/www", 80);
  script_mandatory_keys("microsoft/iis/http/detected");

  script_tag(name:"summary", value:"The web server is probably susceptible to a common IIS vulnerability discovered by
  'Rain Forest Puppy'.");

  script_tag(name:"impact", value:"This vulnerability enables an attacker to execute arbitrary
  commands on the server with Administrator Privileges.");

  script_tag(name:"solution", value:"See Microsoft security bulletin (MS99-025) for patch information.");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("http_func.inc");
include("http_keepalive.inc");
include("list_array_func.inc");
include("host_details.inc");

if(!port = get_app_port(cpe:CPE, service:"www"))
  exit(0);

if(!get_app_location(cpe:CPE, port:port, nofork:TRUE))
  exit(0);

cgi = "/msadc/msadcs.dll";
res = http_is_cgi_installed_ka(item:cgi, port:port);
if(res) {
  report = http_report_vuln_url(port:port, url:cgi);
  security_message(port:port, data:report);
  exit(0);
}

exit(99);

Related

cve 1
nessus 1
packetstorm 1
cvelist 1
nvd 1
openvas 1
cve
cve
CVE-1999-1011
2000-06-02 04:00:00
nessus
nessus
Microsoft IIS MDAC RDS (msadcs.dll) Arbitrary Remote Command Execution
2000-04-01 00:00:00
packetstorm
packetstorm
Microsoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution
2012-06-07 00:00:00
cvelist
cvelist
CVE-1999-1011
2000-06-02 04:00:00
nvd
nvd
CVE-1999-1011
1999-07-19 04:00:00
openvas
openvas
RDS / MDAC Vulnerability (msadcs.dll) located
2005-11-03 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.683 Medium

EPSS

Percentile

98.0%

JSON
Related for OPENVAS:136141256231010357
cve1nessus1packetstorm1cvelist1nvd1openvas1