Details of VAR-200111-0009

ID

VAR-200111-0009

CVE

CVE-2001-0902

TITLE

Microsoft IIS Error logging vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200111-019

DESCRIPTION

Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters. A weakness in the reporting functionality of Microsoft IIS has been discovered. It is possible to cause IIS to log false information. This problem occurs when an attacker makes a HTTP request using hexadecimal encoded requests. A malicious attacker can cause IIS to fill the log with false information. This may result in confusion when other services make use of the false IIS log data. It should be noted that this issue highly depends on the text editor used to analyze the logs. Some hexadecimal sequences may have varying results when interpreted

Trust: 1.17

sources: NVD: CVE-2001-0902 // BID: 6795

AFFECTED PRODUCTS

vendor:	microsoft	model:	internet information services	scope:	eq	version:	5.0	Trust: 1.6
vendor:	microsoft	model:	internet information server	scope:	eq	version:	5.0	Trust: 0.6
vendor:	microsoft	model:	iis	scope:	eq	version:	5.0	Trust: 0.3
vendor:	microsoft	model:	iis	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	iis	scope:	eq	version:	3.0	Trust: 0.3

sources: BID: 6795 // CNNVD: CNNVD-200111-019 // NVD: CVE-2001-0902

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2001-0902
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200111-019
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2001-0902
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0

sources: CNNVD: CNNVD-200111-019 // NVD: CVE-2001-0902

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-0902

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200111-019

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200111-019

EXTERNAL IDS

db:	NVD	id:	CVE-2001-0902	Trust: 1.9
db:	BID	id:	6795	Trust: 1.9
db:	BUGTRAQ	id:	20011120 IIS LOGGING ISSUE	Trust: 0.6
db:	XF	id:	7613	Trust: 0.6
db:	NTBUGTRAQ	id:	20011120 IIS LOGGING ISSUE	Trust: 0.6
db:	CNNVD	id:	CNNVD-200111-019	Trust: 0.6

sources: BID: 6795 // CNNVD: CNNVD-200111-019 // NVD: CVE-2001-0902

REFERENCES

url:	http://www.securityfocus.com/bid/6795	Trust: 2.6
url:	http://marc.info/?l=bugtraq&m=100626531103946&w=2	Trust: 2.0
url:	http://marc.info/?l=ntbugtraq&m=100627497122247&w=2	Trust: 2.0
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/7613	Trust: 2.0
url:	http://xforce.iss.net/xforce/xfdb/7613	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=100626531103946&w=2	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=ntbugtraq&m=100627497122247&w=2	Trust: 0.6

sources: CNNVD: CNNVD-200111-019 // NVD: CVE-2001-0902

CREDITS

onesemicolon※ onesemicolon@onesemicolon.cjb.net

Trust: 0.6

sources: CNNVD: CNNVD-200111-019

SOURCES

db:	BID	id:	6795
db:	CNNVD	id:	CNNVD-200111-019
db:	NVD	id:	CVE-2001-0902

LAST UPDATE DATE

2024-11-22T23:00:45.887000+00:00

SOURCES UPDATE DATE

db:	BID	id:	6795	date:	2009-07-11T20:06:00
db:	CNNVD	id:	CNNVD-200111-019	date:	2005-05-13T00:00:00
db:	NVD	id:	CVE-2001-0902	date:	2024-11-20T23:36:23.910

SOURCES RELEASE DATE

db:	BID	id:	6795	date:	2001-11-19T00:00:00
db:	CNNVD	id:	CNNVD-200111-019	date:	2001-11-20T00:00:00
db:	NVD	id:	CVE-2001-0902	date:	2001-11-20T05:00:00