Microsoft has released patches for Windows 2000, NT 4.0 and XP.
Item 1 Title: Flaw in ISAPI Extension for Windows Media Services Could Cause Denial of Service (817772) Date: 28 May 2003 Software: Microsoft(r) Windows NT(r) 4.0, and Windows(r) 2000 Impact: Allow an attacker to execute code of their choice Max Risk: Moderate Bulletin: MS03-019 There is a flaw in the way in which nsiislog.dll processes incoming requests. A vulnerability exists because an attacker could send specially formed communications to the server that could cause IIS to stop responding to Internet requests. Item 2 Title: Cumulative Patch for Internet Information Service (811114) Date: 28 May 2003 Software: Microsoft(r) Windows NT(r) 4.0, Windows(r) 2000, or Windows(r) XP Impact: Allow an attacker to execute code of their choice Max Risk: Important Bulletin: MS03-018 Redirection Cross Site Scripting CAN-2003-0223 Server Side Include Web Pages Buffer Overrun CAN-2003-0224 ASP Headers Denial of Service CAN-2003-0225 WebDAV Denial of Service CAN-2003-0226 Item 3 - Update to previous bulletin Title: Unchecked Buffer In Windows Component Could Cause Server Compromise (815021) Released: 17 Mar 2003 Revised: 28 May 2003 (version 3.0) Software: Microsoft (r) Windows (r) NT 4.0, Windows 2000 and Windows XP Impact: Run code of attacker's choice Max Risk: Critical Bulletin: MS03-007 An attacker could exploit the vulnerability by sending a specially formed HTTP request to a machine running Internet Information Server (IIS). The request could cause the server to fail or to execute code of the attacker?s choice. The code would run in the security context of the IIS service (which, by default, runs in the LocalSystem context). Item 4 - Update to previous bulletin Title: Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (811493) Released: 16 April 2003 Revised: 28 May 2003 (version 2.0) Software: Microsoft(r) Windows NT(r) 4.0, Windows(r) 2000 and Windows(r) XP Impact: Local Elevation of Privilege Max Risk: Important Bulletin: MS03-013 There is a flaw in the way the kernel passes error messages to a debugger. A vulnerability results because an attacker could write a program to exploit this flaw and run code of their choice. An attacker could exploit this vulnerability to take any action on the system including deleting data, adding accounts with administrative access, or reconfiguring the system. References: ----------- SPI Security Alert regarding IIS webdav Denial Of Service: http://www.spidynamics.com/iis_alert.html NSFOCUS Security Alert regarding SSI IIS 5.0 buffer overflow: http://www.nsfocus.com/english/homepage/sa2003-05.htm Microsoft Security Bulletins: http://www.microsoft.com/technet/security/bulletin/MS03-018.asp http://www.microsoft.com/technet/security/bulletin/MS03-013.asp http://www.microsoft.com/technet/security/bulletin/MS03-007.asp http://www.microsoft.com/technet/security/bulletin/MS03-019.asp contributed by: Deborah Hale. haled@pionet.net Pedro Bueno. bueno@ieee.org Feedback please to isc@sans.org |
Handlers 76 Posts May 30th 2003 |
Thread locked Subscribe |
May 30th 2003 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!