Added: 11/30/2005
CVE: CVE-2005-4734
BID: 26424
OSVDB: 20151
RSA SecurID Web Agent for IIS provides access control for IIS web servers using one-time authentication tokens.
A buffer overflow in **IISWebAgentIF.dll**
could allow a remote attacker to execute arbitrary commands using a long, specially crafted url parameter in a Redirect request.
Fixes are available from RSA SecurCare Online.
<http://secunia.com/advisories/17281/>
Web Agent for IIS must be configured correctly in order for this exploit to work.
Windows 2000