Описание
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
Ссылки
- ExploitPatchThird Party AdvisoryUS Government Resource
- ExploitPatchThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 6.0 (включая)
Одно из
cpe:2.3:a:microsoft:index_server:2.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:indexing_service:*:*:windows_2000:*:*:*:*:*
cpe:2.3:a:microsoft:internet_information_server:*:beta:*:*:*:*:*:*
EPSS
Процентиль: 100%
0.90865
Критический
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
EPSS
Процентиль: 100%
0.90865
Критический
10 Critical
CVSS2
Дефекты
NVD-CWE-Other