Executive Summary
| Summary | |
|---|---|
| Title | Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830) |
| Informations | |||
|---|---|---|---|
| Name | MS08-006 | First vendor Publication | 2008-02-12 |
| Vendor | Microsoft | Last vendor Modification | 2008-02-12 |
| Severity (Vendor) | Important | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| This important update resolves a privately reported vulnerability in Internet Information Services (IIS). A remote code execution vulnerability exists in the way that IIS handles input to ASP Web pages. An attacker who successfully exploited this vulnerability could then perform actions on the IIS server with the same rights as the Worker Process Identity (WPI). The WPI is configured with Network Service account privileges by default. IIS servers with ASP pages whose application pools are configured with a WPI that uses an account with administrative privileges could be more seriously impacted than IIS servers whose application pool is configured with the default WPI settings. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/ms08-006.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:5308 | |||
| Oval ID: | oval:org.mitre.oval:def:5308 | ||
| Title: | Internet Information Services Remote Code Execution Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-0075 | Version: | 5 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Information Server (IIS) 5.1 Microsoft Internet Information Server (IIS) 6.0 |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 41445 | Microsoft IIS ASP Web Page Input Unspecified Arbitrary Code Execution |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft IIS ASP handling buffer overflow attempt RuleID : 15974 - Revision : 7 - Type : SERVER-IIS |
| 2014-01-10 | Microsoft IIS HTMLEncode Unicode string buffer overflow RuleID : 13922 - Revision : 11 - Type : SERVER-IIS |
| 2014-01-10 | Microsoft IIS HTMLEncode Unicode string buffer overflow RuleID : 13476 - Revision : 10 - Type : SERVER-IIS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2008-02-12 | Name : It is possible to use the remote web server to exploit arbitrary code on the ... File : smb_nt_ms08-006.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2018-10-13 00:25:19 |
|
| 2014-02-17 11:45:51 |
|
| 2014-01-19 21:30:09 |
|
| 2013-02-06 19:08:10 |
|
