Sign-up

ID

VAR-200107-0142


CVE

CVE-2001-0500


TITLE

Microsoft Internet Information Server 4.0 (IIS) vulnerable to DoS when URL redirecting is enabled

Trust: 0.8

sources: CERT/CC: VU#544555

DESCRIPTION

Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red. A vulnerability in IIS 4.0 may permit intruders to crash vulnerable IIS servers with URL redirection enabled. A vulnerability exists in the Indexing services used by Microsoft IIS 4.0 and IIS 5.0 running on Windows NT, Windows 2000, and beta versions of Windows XP. Exploitations of this vulnerability allows a remote intruder to run arbitrary code on the victim machine. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. Note that Index Server and Indexing Service do not need to be running for an attacker to exploit this issue. Since 'idq.dll' is installed by default when IIS is installed, IIS would need to be the only service running. Note also that this vulnerability is currently being exploited by the 'Code Red' worm. In addition, all products that run affected versions of IIS are also vulnerable. **UPDATE**: An aggressive worm that actively exploits this vulnerability is believed to be in the wild

Trust: 3.33

sources: NVD: CVE-2001-0500 // CERT/CC: VU#544555 // CERT/CC: VU#952336 // JVNDB: JVNDB-2001-000097 // BID: 2880

AFFECTED PRODUCTS

vendor:microsoftmodel:index serverscope:eqversion:2.0

Trust: 1.9

vendor:microsoftmodel: - scope: - version: -

Trust: 1.6

vendor:microsoftmodel:internet information serverscope:lteversion:6.0

Trust: 1.0

vendor:microsoftmodel:indexing servicescope:eqversion:*

Trust: 1.0

vendor:microsoftmodel:iisscope:eqversion:4.0

Trust: 0.8

vendor:microsoftmodel:iisscope:eqversion:5.0

Trust: 0.8

vendor:ciscomodel:call managerscope:eqversion:3.1

Trust: 0.6

vendor:microsoftmodel:indexing servicescope:eqversion:windows_2000

Trust: 0.6

vendor:microsoftmodel:internet information serverscope:eqversion:6.0

Trust: 0.6

vendor:microsoftmodel:indexing services for windowsscope:eqversion:2000

Trust: 0.3

vendor:ciscomodel:uone enterprise editionscope: - version: -

Trust: 0.3

vendor:ciscomodel:uonescope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:uonescope:eqversion:3.0

Trust: 0.3

vendor:ciscomodel:uonescope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:uonescope:eqversion:1.0

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:3.3

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:3.2

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:3.1

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:3.0

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.46

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.4

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.3

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.2

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.1

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:unity serverscope: - version: -

Trust: 0.3

vendor:ciscomodel:trailheadscope: - version: -

Trust: 0.3

vendor:ciscomodel:media blenderscope: - version: -

Trust: 0.3

vendor:ciscomodel:ip/vc application serverscope:eqversion:3540

Trust: 0.3

vendor:ciscomodel:icsscope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:icsscope:eqversion:1.0

Trust: 0.3

vendor:ciscomodel:icsscope:eqversion:7750

Trust: 0.3

vendor:ciscomodel:dynamic content adapterscope: - version: -

Trust: 0.3

vendor:ciscomodel:collaboration serverscope: - version: -

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:3.3(3)

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:3.3

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:3.2

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:3.1(2)

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:3.0

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:1.0

Trust: 0.3

vendor:ciscomodel:call managerscope: - version: -

Trust: 0.3

vendor:ciscomodel:building broadband service managerscope:eqversion:5.2

Trust: 0.3

vendor:ciscomodel:building broadband service managerscope:eqversion:5.1

Trust: 0.3

vendor:ciscomodel:building broadband service managerscope:eqversion:5.0

Trust: 0.3

vendor:ciscomodel:building broadband service managerscope:eqversion:4.5

Trust: 0.3

vendor:ciscomodel:building broadband service managerscope:eqversion:4.4

Trust: 0.3

vendor:ciscomodel:building broadband service managerscope:eqversion:4.3

Trust: 0.3

vendor:ciscomodel:building broadband service managerscope:eqversion:4.2

Trust: 0.3

vendor:ciscomodel:building broadband service managerscope:eqversion:4.0.1

Trust: 0.3

vendor:ciscomodel:building broadband service managerscope:eqversion:3.0

Trust: 0.3

vendor:ciscomodel:building broadband service managerscope:eqversion:2.5.1

Trust: 0.3

sources: CERT/CC: VU#544555 // CERT/CC: VU#952336 // BID: 2880 // JVNDB: JVNDB-2001-000097 // CNNVD: CNNVD-200107-163 // NVD: CVE-2001-0500

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2001-0500
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#544555
value: 22.50

Trust: 0.8

CARNEGIE MELLON: VU#952336
value: 69.30

Trust: 0.8

NVD: CVE-2001-0500
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200107-163
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2001-0500
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: CERT/CC: VU#544555 // CERT/CC: VU#952336 // JVNDB: JVNDB-2001-000097 // CNNVD: CNNVD-200107-163 // NVD: CVE-2001-0500

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-0500

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200107-163

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 2880 // CNNVD: CNNVD-200107-163

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2001-000097

PATCH
title:MS01-033url:http://www.microsoft.com/technet/security/bulletin/MS01-033.mspx
Trust: 0.8
title:MS01-033url:http://www.microsoft.com/japan/technet/security/bulletin/MS01-033.mspx
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2001-000097

EXTERNAL IDS
db:BIDid:2880
Trust: 3.5
db:NVDid:CVE-2001-0500
Trust: 2.7
db:CERT/CCid:VU#952336
Trust: 1.6
db:CERT/CCid:VU#544555
Trust: 0.8
db:JVNDBid:JVNDB-2001-000097
Trust: 0.8
db:CERT/CCid:CA-2001-13
Trust: 0.6
db:OVALid:OVAL:ORG.MITRE.OVAL:DEF:197
Trust: 0.6
db:CIACid:L-098
Trust: 0.6
db:MSid:MS01-033
Trust: 0.6
db:XFid:6705
Trust: 0.6
db:BUGTRAQid:20010618 ALL VERSIONS OF MICROSOFT INTERNET INFORMATION SERVICES, REMOTE BUFFER OVERFLOW (SYSTEM LEVEL ACCESS)
Trust: 0.6
db:CNNVDid:CNNVD-200107-163
Trust: 0.6
sources:
            
            
            CERT/CC: VU#544555 // 
            
            
            
            CERT/CC: VU#952336 // 
            
            
            
            BID: 2880 // 
            
            
            
            JVNDB: JVNDB-2001-000097 // 
            
            
            
            CNNVD: CNNVD-200107-163 // 
            
            
            
            NVD: CVE-2001-0500

REFERENCES
url:http://www.securityfocus.com/bid/2880
Trust: 3.2
url:http://www.cert.org/advisories/ca-2001-13.html
Trust: 2.7
url:http://www.microsoft.com/technet/security/bulletin/ms01-033.asp
Trust: 1.7
url:http://www.securityfocus.com/archive/1/191873
Trust: 1.6
url:http://www.iss.net/security_center/static/6705.php
Trust: 1.6
url:http://www.ciac.org/ciac/bulletins/l-098.shtml
Trust: 1.6
url:http://www.eeye.com/html/research/advisories/ad20010618.html
Trust: 1.1
url:http://www.cert.org/advisories/ca-2001-23.html
Trust: 1.1
url:http://www.cert.org/advisories/ca-2001-19.html
Trust: 1.1
url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-033
Trust: 1.0
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a197
Trust: 1.0
url:http://www.microsoft.com/technet/itsolutions/security/tools/redthree.asp?frame=true
Trust: 0.8
url:http://www.kb.cert.org/vuls/id/952336
Trust: 0.8
url:http://www.microsoft.com/technet/security/bulletin/ms01-044.asp
Trust: 0.8
url:http://support.microsoft.com/support/kb/articles/q300/9/72.asp
Trust: 0.8
url:http://www.microsoft.com/technet/security/iis5chk.asp
Trust: 0.8
url:http://www.microsoft.com/technet/security/tools.asp
Trust: 0.8
url:http://www.cert.org/advisories/ca-2001-20.html
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0500
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0500
Trust: 0.8
url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:197
Trust: 0.6
url:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/topics/codealrt.asp
Trust: 0.3
url:http://www.cert.org/incident_notes/in-2001-08.html
Trust: 0.3
url:http://www.cert.org/incident_notes/in-2001-09.html
Trust: 0.3
url:http://www.cert.org/incident_notes/in-2001-10.html
Trust: 0.3
url:http://www.cisco.com/warp/public/707/cisco-code-red-worm-pub.shtml
Trust: 0.3
url:http://support.coresecurity.com/impact/exploits/f1808bf3760bbf79f661eed53e93ca64.html
Trust: 0.3
url:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/iischk.asp
Trust: 0.3
url:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/news/nt4srp.asp
Trust: 0.3
url:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/iis/tips/iis5chk.asp
Trust: 0.3
url:http://www.microsoft.com/technet/itsolutions/security/tools/redfix.asp
Trust: 0.3
url:http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml
Trust: 0.3
url:http://xforce.iss.net/alerts/advise89.php
Trust: 0.3
sources:
            
            
            CERT/CC: VU#544555 // 
            
            
            
            CERT/CC: VU#952336 // 
            
            
            
            BID: 2880 // 
            
            
            
            JVNDB: JVNDB-2001-000097 // 
            
            
            
            CNNVD: CNNVD-200107-163 // 
            
            
            
            NVD: CVE-2001-0500

CREDITS
Eeye Digital Security
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200107-163

SOURCES
db:CERT/CCid:VU#544555
db:CERT/CCid:VU#952336
db:BIDid:2880
db:JVNDBid:JVNDB-2001-000097
db:CNNVDid:CNNVD-200107-163
db:NVDid:CVE-2001-0500

LAST UPDATE DATE
2024-08-14T15:09:59.738000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#544555date:2001-08-14T00:00:00
db:CERT/CCid:VU#952336date:2001-08-16T00:00:00
db:BIDid:2880date:2009-11-26T21:05:00
db:JVNDBid:JVNDB-2001-000097date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200107-163date:2005-05-02T00:00:00
db:NVDid:CVE-2001-0500date:2018-10-12T21:30:26.500

SOURCES RELEASE DATE
db:CERT/CCid:VU#544555date:2001-08-14T00:00:00
db:CERT/CCid:VU#952336date:2001-06-19T00:00:00
db:BIDid:2880date:2001-06-18T00:00:00
db:JVNDBid:JVNDB-2001-000097date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200107-163date:2001-06-18T00:00:00
db:NVDid:CVE-2001-0500date:2001-07-21T04:00:00