SAINT Corporation, SAINT:C6E42A7A2EC76121A40444C490E607A9
Nov 30, 2005 - 12:00 a.m.

RSA SecurID Web Agent for IIS redirect buffer overflow

2005-11-30 00:00:00
SAINT Corporation
www.saintcorporation.com
EPSS: 0.371
Percentile: 97.2%

Added: 11/30/2005
CVE: CVE-2005-4734
BID: 26424
OSVDB: 20151

Background

RSA SecurID Web Agent for IIS provides access control for IIS web servers using one-time authentication tokens.

Problem

A buffer overflow in **IISWebAgentIF.dll** could allow a remote attacker to execute arbitrary commands using a long, specially crafted url parameter in a Redirect request.

Resolution

Fixes are available from RSA SecurCare Online.

References

<http://secunia.com/advisories/17281/>

Limitations

Web Agent for IIS must be configured correctly in order for this exploit to work.

Platforms

Windows 2000
