Microsoft Site Server Arbitrary File Upload DoS

2002-01-30T00:00:00
ID OSVDB:17668
Type osvdb
Reporter RFP (rfp@wiretrip.net)
Modified 2002-01-30T00:00:00

Description

Vulnerability Description

Microsoft Site Server contains a flaw that may allow a remote denial of service. The /Sites/Publishing/Users/ directory has write permissions by default, so a remote attacker with a valid NT account can upload overly large files and consume all available space on the system drive, resulting in a loss of availability.

Solution Description

There are currently no known upgrades or patches that correct this issue. The flaw can be corrected with the following workaround: remove write access from the directories.

References:

Vendor URL: http://www.microsoft.com/
Snort Signature ID: 1817
Snort Signature ID: 1818
Security Tracker: 1003420
Related OSVDB IDs: 17655, 17658, 17661, 17663, 17664, 17666, 17668, 17656, 17660, 17667, 17669, 17652, 17654, 17657, 17670, 831, 17653, 17659, 17662, 17665, 17671
Nessus Plugin ID: 11018
Microsoft Knowledge Base Article: 248840
Mail List Post: http://marc.theaimsgroup.com/?l=vulnwatch&m=101235440104716&w=2