313 matches found
MS02-018 Microsoft IIS 4.0 .HTR Path Overflow
This exploits a buffer overflow in the ISAPI ISM.DLL used to process HTR scripting in IIS 4.0. This module works against Windows NT 4 Service Packs 3, 4, and 5. The server will continue to process requests until the payload being executed has exited. If you've set EXITFUNC to 'seh', the server wi...
Microsoft IIS ISAPI RSA WebAgent Redirect Overflow
This module exploits a stack buffer overflow in the SecurID Web Agent for IIS. This ISAPI filter runs in-process with inetinfo.exe; any attempt to exploit this flaw will result in the termination and potential restart of the IIS service. This module requires Metasploit:...
IIS 5 .printer ISAPI filter applied
Remote Web server supports Internet Printing Protocol. Description: IIS 5 has support for the Internet Printing Protocol (IPP), which is enabled in a default install. The protocol is implemented in IIS5 as an ISAPI extension. At least one security problem (a buffer overflow) has been found with that...
IIS .IDA ISAPI filter applied
Indexing Service filter is enabled on the remote Web server. Description: The IIS server appears to have the .IDA ISAPI filter mapped. At least one remote vulnerability has been discovered for the .IDA indexing service filter. This is detailed in Microsoft Advisory MS01-033, and gives remote...
IIS Global.asa Retrieval
This host is running the Microsoft IIS web server. This web server contains a configuration flaw that allows the retrieval of the global.asa file. This file may contain sensitive information such as database passwords, internal addresses, and web application configuration options. This...
ServletExec 4.1 ISAPI File Reading
By invoking the JSPServlet directly it is possible to read the contents of files within the webroot that would not normally be accessible (global.asa, for example). SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by th...
Microsoft IIS 5 '.printer' ISAPI Filter Applied - Active Check
Remote Web server supports Internet Printing Protocol. SPDX-FileCopyrightText: 2001 Matt Moore Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft IIS .IDA ISAPI Filter Applied - Active Check
Indexing Service filter is enabled on the remote Web server. SPDX-FileCopyrightText: 2001 Matt Moore Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
ServletExec 4.1 ISAPI Physical Path Disclosure
By requesting a non-existent .JSP file, or by invoking the JSPServlet directly and supplying no filename, it is possible to make the ServletExec ISAPI filter disclose the physical path of the webroot. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a...
Microsoft IIS IDA/IDQ Path Disclosure Vulnerability (MS00-006) - Active Check
IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. SPDX-FileCopyrightText: 2000 Filipe Custodio Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective...
ServletExec 4.1 / JRun ISAPI DoS
By sending an overly long request for a .jsp file it is possible to crash the remote web server. This problem is known as the ServletExec / JRun ISAPI DoS. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
Microsoft IIS - SA WebAgent 5.25.3 Redirect Overflow (Metasploit)
Microsoft IIS - SA WebAgent 5.25.3 Redirect Overflow (Metasploit). This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core...
MS Windows IIS SA WebAgent 5.2/5.3 Redirect Overflow Expl (meta)
Exploit for unknown platform in category remote exploits. MS Windows IIS SA WebAgent 5.2/5.3 Redirect Overflow Exploit (meta). This file is part of the Metasploit...
CVE-2002-1973
The CVE-2002-1973 entry describes a buffer overflow in CHttpServer::OnParseError of the ISAPI extension (Isapi.cpp) when built with MFC static libraries in Visual C++ 5.0 and 6.0 before SP3. This flaw, present in multiple products (including BadBlue), can be triggered by a long query string that ...
CVE-2002-1973
Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service access violati...
CVE-2002-1685
CVE-2002-1685 : BadBlue Enterprise Edition and Personal Edition versions 1.7 and 1.7.2 are affected by a cross-site scripting (XSS) vulnerability in the ext.dll ISAPI. The flaw enables an attacker to execute arbitrary script in the context of other users by injecting script via the ext.dll ISAPI ...
Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow (3)
Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow (3). Source: https://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer...
CVE-2004-1134
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string...
CVE-2004-1133
CVE-2004-1133 describes multiple remote vulnerabilities in Microsoft W3Who ISAPI (w3who.dll): two XSS flaws and a buffer overflow. OpenVAS/Nessus details indicate the w3who.dll ISAPI may allow an attacker to execute arbitrary commands on affected Windows hosts via a buffer overflow, or mount XSS ...
CVE-2004-1134
CVE-2004-1134 covers a stack/buffer overflow in the Microsoft IIS ISAPI w3who.dll (W3Who) triggered by long query strings. The root cause is lack of input sanitization for CGI variables, enabling remote attackers to cause denial of service and potentially execute arbitrary code with IIS privileg...