Sign-up

ID

VAR-199907-0014


CVE

CVE-1999-1011


TITLE

MDAC In Microsoft IIS Vulnerability in arbitrary command execution on the system

Trust: 0.8

sources: JVNDB: JVNDB-1999-000024

DESCRIPTION

The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands. Affected MDAC 1.5 and 2.0 Is Microsoft IIS alike Micorsoft Windows NT 4.0 Option Pack Included inMicrosoft IIS 3.x and 4.x On the server where is running MDAC If is installed, an arbitrary command may be executed. Both are included in a default installation of the Windows NT 4.0 Option Pack, but can be excluded via a custom installation. RDS includes a component called the DataFactory object, which has a vulnerability that could allow any web user to: --Obtain unauthorized access to unpublished files on the IIS server --Use MDAC to tunnel ODBC requests through to a remote internal or external location, thereby obtaining access to non-public servers or effectively masking the source of an attack on another network. The main risk in this vulnerability is the following: --If the Microsoft JET OLE DB Provider or Microsoft DataShape Provider are installed, a user could use the shell() VBA command on the server with System privileges. (See the Microsoft JET Database Engine VBA Vulnerability for more information). These two vulnerabilities combined can allow an attacker on the Internet to run arbitrary commands with System level privileges on the target host

Trust: 1.98

sources: NVD: CVE-1999-1011 // JVNDB: JVNDB-1999-000024 // BID: 529 // VULMON: CVE-1999-1011

AFFECTED PRODUCTS

vendor:microsoftmodel:index serverscope:eqversion:2.0

Trust: 1.9

vendor:microsoftmodel:data access componentsscope:eqversion:2.0

Trust: 1.9

vendor:microsoftmodel:data access componentsscope:eqversion:1.5

Trust: 1.9

vendor:microsoftmodel:site serverscope:eqversion:3.0

Trust: 1.6

vendor:microsoftmodel:data access componentsscope:eqversion:2.1

Trust: 1.6

vendor:microsoftmodel:internet information serverscope:eqversion:4.0

Trust: 1.6

vendor:microsoftmodel:internet information serverscope:eqversion:3.0

Trust: 1.6

vendor:microsoftmodel:iisscope:eqversion:4.0

Trust: 1.1

vendor:microsoftmodel:iisscope:eqversion:3.0

Trust: 1.1

vendor:microsoftmodel:windows ntscope:eqversion:4.0 (server)

Trust: 0.8

vendor:microsoftmodel:windows ntscope:eqversion:4.0 (terminal_srv)

Trust: 0.8

vendor:microsoftmodel:site server commerce edition i386scope:eqversion:3.0

Trust: 0.3

vendor:microsoftmodel:data access components upgradescope:eqversion:2.1

Trust: 0.3

vendor:microsoftmodel:data access components cleanscope:eqversion:2.1

Trust: 0.3

sources: BID: 529 // JVNDB: JVNDB-1999-000024 // CNNVD: CNNVD-199907-021 // NVD: CVE-1999-1011

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1011
value: HIGH

Trust: 1.0

NVD: CVE-1999-1011
value: HIGH

Trust: 0.8

CNNVD: CNNVD-199907-021
value: CRITICAL

Trust: 0.6

VULMON: CVE-1999-1011
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-1999-1011
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-1999-1011 // JVNDB: JVNDB-1999-000024 // CNNVD: CNNVD-199907-021 // NVD: CVE-1999-1011

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.8

sources: JVNDB: JVNDB-1999-000024 // NVD: CVE-1999-1011

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199907-021

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-199907-021

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-1999-000024

EXPLOIT AVAILABILITY
sources:
            
            
            VULMON: CVE-1999-1011

PATCH
title:MS99-025url:http://www.microsoft.com/technet/security/bulletin/MS99-025.asp
Trust: 0.8
title:MS98-004url:http://www.microsoft.com/technet/security/bulletin/ms98-004.mspx
Trust: 0.8
title: - url:https://www.theregister.co.uk/2021/05/21/boeing_747_ife_windows_nt4_shell_access/
Trust: 0.1
sources:
            
            
            VULMON: CVE-1999-1011 // 
            
            
            
            JVNDB: JVNDB-1999-000024

EXTERNAL IDS
db:BIDid:529
Trust: 2.8
db:OSVDBid:272
Trust: 2.5
db:NVDid:CVE-1999-1011
Trust: 2.5
db:JVNDBid:JVNDB-1999-000024
Trust: 0.8
db:MSid:MS98-004
Trust: 0.6
db:MSid:MS99-025
Trust: 0.6
db:NSFOCUSid:3822
Trust: 0.6
db:CNNVDid:CNNVD-199907-021
Trust: 0.6
db:EXPLOIT-DBid:19424
Trust: 0.1
db:VULMONid:CVE-1999-1011
Trust: 0.1
sources:
            
            
            VULMON: CVE-1999-1011 // 
            
            
            
            BID: 529 // 
            
            
            
            JVNDB: JVNDB-1999-000024 // 
            
            
            
            CNNVD: CNNVD-199907-021 // 
            
            
            
            NVD: CVE-1999-1011

REFERENCES
url:http://www.osvdb.org/272
Trust: 2.5
url:http://www.ciac.org/ciac/bulletins/j-054.shtml
Trust: 2.5
url:https://www.securityfocus.com/bid/529
Trust: 1.9
url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-025
Trust: 1.1
url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-004
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-1999-1011
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-1999-1011
Trust: 0.8
url:http://www.microsoft.com/technet/security/bulletin/ms99-025.asp
Trust: 0.6
url:http://www.microsoft.com/technet/security/bulletin/ms98-004.asp
Trust: 0.6
url:http://www.nsfocus.net/vulndb/3822
Trust: 0.6
url:http://www.securityfocus.com/level2/index.html?go=vulnerabilities&id=286
Trust: 0.3
url:http://www.microsoft.com/technet/security/bulletin/fq99-025.asp
Trust: 0.3
url:http://support.microsoft.com/support/kb/articles/q184/3/75.asp
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/264.html
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=157
Trust: 0.1
url:https://www.exploit-db.com/exploits/19424/
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.rapid7.com/db/modules/exploit/windows/iis/msadc
Trust: 0.1
sources:
            
            
            VULMON: CVE-1999-1011 // 
            
            
            
            BID: 529 // 
            
            
            
            JVNDB: JVNDB-1999-000024 // 
            
            
            
            CNNVD: CNNVD-199907-021 // 
            
            
            
            NVD: CVE-1999-1011

CREDITS
Rain Forrest Puppy※ rfp@wiretrip.net
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-199907-021

SOURCES
db:VULMONid:CVE-1999-1011
db:BIDid:529
db:JVNDBid:JVNDB-1999-000024
db:CNNVDid:CNNVD-199907-021
db:NVDid:CVE-1999-1011

LAST UPDATE DATE
2024-08-14T14:48:22.481000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-1999-1011date:2018-10-15T00:00:00
db:BIDid:529date:1999-07-19T00:00:00
db:JVNDBid:JVNDB-1999-000024date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-199907-021date:2006-02-20T00:00:00
db:NVDid:CVE-1999-1011date:2018-10-15T18:29:01.137

SOURCES RELEASE DATE
db:VULMONid:CVE-1999-1011date:1999-07-19T00:00:00
db:BIDid:529date:1999-07-19T00:00:00
db:JVNDBid:JVNDB-1999-000024date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-199907-021date:1999-07-19T00:00:00
db:NVDid:CVE-1999-1011date:1999-07-19T04:00:00