Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:8F19012BFCDB60CDAA4DA475876DEA4C
HistoryJul 18, 2006 - 12:00 a.m.

ntdll.dll buffer overflow via IIS 5.0 WebDAV

2006-07-1800:00:00
SAINT Corporation
www.saintcorporation.com
14

0.974 High

EPSS

Percentile

99.9%

JSON

Added: 07/18/2006
CVE: CVE-2003-0109
BID: 7116
OSVDB: 4467

Background

The dynamic link library **ntdll.dll** is a core component of the Windows operating system. It is used by many operating system components including the WebDAV component of Microsoft IIS.

Problem

A buffer overflow in **ntdll.dll** allows remote attackers to execute arbitrary commands with LocalSystem privileges by sending a long, specially crafted WebDAV request to IIS 5.0.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 03-007.

References

<http://www.cert.org/advisories/CA-2003-09.html&gt;

Limitations

Exploit works on Windows 2000 running IIS 5.0 web server with WebDAV enabled. Failure may cause the web service to become unresponsive but still remain listening.

Related

openvas 2
securityvulns 2
canvas 1
cve 1
saint 3
nessus 2
packetstorm 1
exploitpack 1
cert 1
checkpoint_advisories 3
seebug 1
exploitdb 1
trendmicroblog 1
openvas
openvas
Unchecked Buffer in ntdll.dll (Q815021)
2005-11-03 00:00:00
Unchecked Buffer in ntdll.dll (Q815021)
2005-11-03 00:00:00
securityvulns
securityvulns
[Windows XP] ntdll.dll Buffer Overflow Vulnerability - Yet Another MS03-007
2003-06-02 00:00:00
CERT Advisory CA-2003-09 Buffer Overflow in Microsoft IIS 5.0
2003-03-18 00:00:00
canvas
canvas
Immunity Canvas: MS03_007
2003-03-31 05:00:00
cve
cve
CVE-2003-0109
2003-03-31 05:00:00
saint
saint
ntdll.dll buffer overflow via IIS 5.0 WebDAV
2006-07-18 00:00:00
ntdll.dll buffer overflow via IIS 5.0 WebDAV
2006-07-18 00:00:00
ntdll.dll buffer overflow via IIS 5.0 WebDAV
2006-07-18 00:00:00
nessus
nessus
Microsoft IIS WebDAV ntdll.dll Remote Overflow (MS03-007)
2003-03-18 00:00:00
MS03-007: Unchecked Buffer in ntdll.dll (815021)
2003-03-18 00:00:00
packetstorm
packetstorm
Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow
2009-11-26 00:00:00
exploitpack
exploitpack
Microsoft IIS 5.0 - WebDAV Remote
2003-03-24 00:00:00
cert
cert
Buffer Overflow in Core Microsoft Windows DLL
2003-03-17 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft IIS WebDAV Remote Buffer Overflow (MS03-007) - Ver2 (CVE-2003-0109)
2014-12-28 00:00:00
Microsoft IIS WebDAV Remote Buffer Overflow (MS03-007; CVE-2003-0109)
2009-12-13 00:00:00
HTTP Methods (CAN-2003-0109; CVE-2007-1560; CVE-2015-1499)
2015-06-14 00:00:00
seebug
seebug
MS Windows WebDAV Remote PoC Exploit
2006-10-24 00:00:00
exploitdb
exploitdb
Microsoft IIS 5.0 - WebDAV Remote
2003-03-24 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 17, 2017
2017-04-21 18:23:45

0.974 High

EPSS

Percentile

99.9%

JSON
Related for SAINT:8F19012BFCDB60CDAA4DA475876DEA4C
openvas2securityvulns2canvas1cve1saint3nessus2packetstorm1exploitpack1cert1checkpoint_advisories3seebug1exploitdb1trendmicroblog1