Executive Summary
| Summary | |
|---|---|
| Title | Vulnerability in Microsoft Internet Information Services Could Allow Remote Code Execution (939373) |
| Informations | |||
|---|---|---|---|
| Name | MS07-041 | First vendor Publication | 2007-07-10 |
| Vendor | Microsoft | Last vendor Modification | 2007-07-10 |
| Severity (Vendor) | Important | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:C/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| This important security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if an attacker sent specially crafted URL requests to a Web page hosted by Internet Information Services (IIS) 5.1 on Windows XP Professional Service Pack 2. IIS 5.1 is not part of a default install of Windows XP Professional Service Pack 2. An attacker who successfully exploited this vulnerability could take complete control of the affected system. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/ms07-041.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-252 | Unchecked Return Value |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:1703 | |||
| Oval ID: | oval:org.mitre.oval:def:1703 | ||
| Title: | IIS Memory Request Vulnerability | ||
| Description: | The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot). | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2005-4360 | Version: | 1 |
| Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Information Server (IIS) |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 21805 | Microsoft IIS Crafted URL Remote DoS Microsoft Internet Information Services (IIS) contains a flaw that may allow a remote denial of service. The issue is triggered when a crafted URL pointing to a folder with execute permission set to Scripts and Executables is sent, and will result in loss of availability for the service. |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Windows IIS malformed URL .dll denial of service attempt RuleID : 16147 - Revision : 13 - Type : SERVER-IIS |
| 2014-01-10 | w3svc _vti_bin null pointer dereference attempt RuleID : 12064 - Revision : 13 - Type : SERVER-IIS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-07-10 | Name : Arbitrary code can be executed on the remote web server. File : smb_nt_ms07-041.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:45:44 |
|
| 2014-01-19 21:30:06 |
|
| 2013-05-11 12:22:02 |
|
