CVE-2002-0364

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."...

CVE-2002-0364

CVE-2002-0364 describes a heap-based buffer overflow in IIS 4.0/5.0 when processing chunked-encoded HTR requests via the HTR ISAPI extension, allowing an attacker to execute arbitrary code with the privileges of the ISAPI process. The vulnerability stems from chunked encoding handling; impact inc...

CVE-2002-0364

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."...

Microsoft IIS 4.0/5.0 - Malformed Filename Request

source: https://www.securityfocus.com/bid/1193/info Requesting a known filename with the extension replaced with .htr preceeded by approximately 230 "%20" which is an escaped character that represents a space from Microsoft IIS 4.0/5.0 will cause the server to retrieve the file and its contents...