Microsoft W3Who w3who.dll Remote Overflow

2004-12-06T05:39:50
ID OSVDB:12258
Type osvdb
Reporter Nicolas Gregoire(ngregoire@exaprobe.com)
Modified 2004-12-06T05:39:50

Description

Vulnerability Description

A remote overflow exists in Microsoft Browser Client Context Tool (W3Who.dll) The ISAPI application fails to sanitize user input resulting in a buffer overflow. With a specially crafted request, an attacker can trigger the overflow resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Remove the W3Who.dll ISAPI extension or restrict access

Short Description

A remote overflow exists in Microsoft Browser Client Context Tool (W3Who.dll) The ISAPI application fails to sanitize user input resulting in a buffer overflow. With a specially crafted request, an attacker can trigger the overflow resulting in a loss of integrity.

Manual Testing Notes

/scripts/w3who.dll?AAAAAAAAA...[519 to 12571]....AAAAAAAAAAAAA

References:

Security Tracker: 1012435 Secunia Advisory ID:13365 Related OSVDB ID: 12257 Related OSVDB ID: 12256 Other Advisory URL: http://www.exaprobe.com/labs/advisories/esa-2004-1206.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0157.html ISS X-Force ID: 18377 Generic Exploit URL: http://metasploit.com/projects/Framework/exploits.html#iis_w3who_overflow CVE-2004-1134