oval:org.mitre.oval:def:1703
| Definition Id: oval:org.mitre.oval:def:1703 | |||
| Oval ID: | oval:org.mitre.oval:def:1703 | ||
| Title: | IIS Memory Request Vulnerability | ||
| Description: | The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot). | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2005-4360 | Version: | 1 |
| Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Information Server (IIS) |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:521 | |||
| Oval ID: | oval:org.mitre.oval:def:521 | ||
| Title: | Microsoft Windows XP SP2 or later is installed | ||
| Description: | The operating system installed on the system is Microsoft Windows XP SP2 or later | ||
| Family: | windows | Class: | inventory |
| Reference(s): | cpe:/o:microsoft:windows_xp | Version: | 12 |
| Platform(s): | Microsoft Windows XP | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:1703 | |||
| Definition Id: oval:org.mitre.oval:def:460 | |||
| Oval ID: | oval:org.mitre.oval:def:460 | ||
| Title: | Microsoft IIS 5.1 is installed | ||
| Description: | The application Microsoft IIS 5.1 is installed. | ||
| Family: | windows | Class: | inventory |
| Reference(s): | cpe:/a:microsoft:iis:5.1 | Version: | 4 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft IIS 5.1 |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:1703 | |||
| Definition Id: oval:org.mitre.oval:def:105 | |||
| Oval ID: | oval:org.mitre.oval:def:105 | ||
| Title: | Microsoft Windows XP is installed | ||
| Description: | The operating system installed on the system is Microsoft Windows XP. | ||
| Family: | windows | Class: | inventory |
| Reference(s): | cpe:/o:microsoft:windows_xp | Version: | 5 |
| Platform(s): | Microsoft Windows XP | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:521 | |||
