Details of VAR-200207-0023

ID

VAR-200207-0023

CVE

CVE-2002-0364

TITLE

Microsoft Internet Information Server (IIS) contains remote buffer overflow in chunked encoding data transfer mechanism for HTR

Trust: 0.8

sources: CERT/CC: VU#313819

DESCRIPTION

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise.". This condition affects IIS 4.0 and IIS 5.0. Exploitation of this vulnerability may result in a denial of service or allow for a remote attacker to execute arbitrary instructions on the victim host

Trust: 2.61

sources: NVD: CVE-2002-0364 // CERT/CC: VU#313819 // JVNDB: JVNDB-2002-000101 // BID: 4855

AFFECTED PRODUCTS

vendor:	microsoft	model:	internet information server	scope:	eq	version:	4.0	Trust: 1.6
vendor:	microsoft	model:	internet information services	scope:	eq	version:	5.0	Trust: 1.6
vendor:	microsoft	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	iis	scope:	eq	version:	4.0	Trust: 0.8
vendor:	microsoft	model:	iis	scope:	eq	version:	5.0	Trust: 0.8
vendor:	microsoft	model:	internet information server	scope:	eq	version:	5.0	Trust: 0.6
vendor:	microsoft	model:	windows nt workstation sp6a	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt workstation sp6	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt workstation sp5	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt workstation sp4	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt workstation sp3	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt workstation sp2	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt workstation sp1	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt workstation	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt terminal server sp6	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt terminal server sp5	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt terminal server sp4	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt terminal server sp3	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt terminal server sp2	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt terminal server sp1	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt terminal server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt server sp6a	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt server sp6	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt server sp5	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt server sp4	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt server sp3	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt server sp2	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt server sp1	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt enterprise server sp6a	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt enterprise server sp6	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt enterprise server sp5	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt enterprise server sp4	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt enterprise server sp3	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt enterprise server sp2	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt enterprise server sp1	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows nt enterprise server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	microsoft	model:	windows server sp2	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows server sp1	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows professional sp2	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows professional sp1	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows professional	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows datacenter server sp2	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows datacenter server sp1	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows datacenter server	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows advanced server sp2	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows advanced server sp1	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows advanced server	scope:	eq	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows server sp3	scope:	ne	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows professional sp3	scope:	ne	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows datacenter server sp3	scope:	ne	version:	2000	Trust: 0.3
vendor:	microsoft	model:	windows advanced server sp3	scope:	ne	version:	2000	Trust: 0.3

sources: CERT/CC: VU#313819 // BID: 4855 // JVNDB: JVNDB-2002-000101 // CNNVD: CNNVD-200207-013 // NVD: CVE-2002-0364

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-0364
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#313819
value:	15.69
Trust: 0.8
NVD:	CVE-2002-0364
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200207-013
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2002-0364
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

sources: CERT/CC: VU#313819 // JVNDB: JVNDB-2002-000101 // CNNVD: CNNVD-200207-013 // NVD: CVE-2002-0364

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0364

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200207-013

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 4855 // CNNVD: CNNVD-200207-013

CONFIGURATIONS

sources: JVNDB: JVNDB-2002-000101

PATCH

title:	MS02-028	url:	http://www.microsoft.com/technet/security/bulletin/ms02-028.asp	Trust: 0.8
title:	MS02-028	url:	http://www.microsoft.com/japan/technet/security/Bulletin/ms02-028.mspx	Trust: 0.8

sources: JVNDB: JVNDB-2002-000101

EXTERNAL IDS

db:	BID	id:	4855	Trust: 2.7
db:	CERT/CC	id:	VU#313819	Trust: 2.4
db:	NVD	id:	CVE-2002-0364	Trust: 2.4
db:	JVNDB	id:	JVNDB-2002-000101	Trust: 0.8
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:182	Trust: 0.6
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:29	Trust: 0.6
db:	BUGTRAQ	id:	20020612 ADVISORY: WINDOWS 2000 AND NT4 IIS .HTR REMOTE BUFFER OVERFLOW [AD20020612]	Trust: 0.6
db:	BUGTRAQ	id:	20020613 VNA - .HTR HEAP OVERFLOW	Trust: 0.6
db:	MS	id:	MS02-028	Trust: 0.6
db:	NTBUGTRAQ	id:	20020612 ADVISORY: WINDOWS 2000 AND NT4 IIS .HTR REMOTE BUFFER OVERFLOW	Trust: 0.6
db:	VULNWATCH	id:	20020612 ADVISORY: WINDOWS 2000 AND NT4 IIS .HTR REMOTE BUFFER OVERFLOW [AD20020612]	Trust: 0.6
db:	XF	id:	9327	Trust: 0.6
db:	CNNVD	id:	CNNVD-200207-013	Trust: 0.6

sources: CERT/CC: VU#313819 // BID: 4855 // JVNDB: JVNDB-2002-000101 // CNNVD: CNNVD-200207-013 // NVD: CVE-2002-0364

REFERENCES

url:	http://www.securityfocus.com/bid/4855	Trust: 3.4
url:	http://www.kb.cert.org/vuls/id/313819	Trust: 2.6
url:	http://www.iss.net/security_center/static/9327.php	Trust: 2.6
url:	http://online.securityfocus.com/archive/1/276767	Trust: 2.6
url:	http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0099.html	Trust: 2.6
url:	http://marc.info/?l=bugtraq&m=102392069305962&w=2	Trust: 2.0
url:	http://marc.info/?l=ntbugtraq&m=102392308608100&w=2	Trust: 2.0
url:	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-028	Trust: 2.0
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a182	Trust: 2.0
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a29	Trust: 2.0
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0364	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0364	Trust: 0.8
url:	http://www.microsoft.com/technet/security/bulletin/ms02-028.asp	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=102392069305962&w=2	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=ntbugtraq&m=102392308608100&w=2	Trust: 0.6
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:29	Trust: 0.6
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:182	Trust: 0.6
url:	http://support.coresecurity.com/impact/exploits/6173c344069de8bf65e060cf3e1ea6fa.html	Trust: 0.3
url:	http://www.nextgenss.com/vna/ms-iishtr.txt	Trust: 0.3
url:	http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-028.asp	Trust: 0.3
url:	http://www.microsoft.com/technet/security/advisory/default.mspx	Trust: 0.3

sources: CERT/CC: VU#313819 // BID: 4855 // JVNDB: JVNDB-2002-000101 // CNNVD: CNNVD-200207-013 // NVD: CVE-2002-0364

CREDITS

Next Generation Security Software

Trust: 0.6

sources: CNNVD: CNNVD-200207-013

SOURCES

db:	CERT/CC	id:	VU#313819
db:	BID	id:	4855
db:	JVNDB	id:	JVNDB-2002-000101
db:	CNNVD	id:	CNNVD-200207-013
db:	NVD	id:	CVE-2002-0364

LAST UPDATE DATE

2024-11-22T22:51:39.503000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#313819	date:	2004-02-23T00:00:00
db:	BID	id:	4855	date:	2002-05-27T00:00:00
db:	JVNDB	id:	JVNDB-2002-000101	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200207-013	date:	2005-10-12T00:00:00
db:	NVD	id:	CVE-2002-0364	date:	2024-11-20T23:38:54.473

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#313819	date:	2002-06-13T00:00:00
db:	BID	id:	4855	date:	2002-05-27T00:00:00
db:	JVNDB	id:	JVNDB-2002-000101	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200207-013	date:	2002-05-27T00:00:00
db:	NVD	id:	CVE-2002-0364	date:	2002-07-03T04:00:00