oval:org.mitre.oval:def:197

Definition Id: oval:org.mitre.oval:def:197

Oval ID:	oval:org.mitre.oval:def:197
Title:	IIS ISAPI Extension Indexing Service Buffer Overflow (Code Red)
Description:	Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2001-0500	Version:	7
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Information Server (IIS)
Definition Synopsis:
Software section IIS major version equals 5 AND IIS minor version equals 0 AND File %windir%\system32\idq.dll version is less than 5.0.2195.3645 AND NOT Patch Q300972 Installed AND NOT Patch Q301625 Installed AND NOT Patch Q319733 Installed AND NOT Patch Q327696 Installed AND NOT Patch Q811114 Installed AND NOT Windows 2000 Security Roll-up 1 Installed AND NOT Win2K/XP/2003 service pack 3 (or later) is installed AND Configuration section idq.dll mapping exists