Major vulnerability found in Microsoft Web Server component (IIS)!
This question was answered on October 19, 2000. Much of the information contained herein may have changed since posting.
A major vulnerability in Microsoft's Internet Information Server (IIS), included as a web server component in Windows NT and 2000 server editions, that could allow a malicious user to sabotage a victim's server via a web browser.
In a security alert issued late last night Microsoft warned: "This is a serious vulnerability, and Microsoft recommends that all customers using its IIS 4.0 or 5.0 take action immediately to protect their systems."
IIS is used by millions of web servers around the world and should be a concern to webmasters using the Windows platform.
Microsoft said the flaw could allow a malicious user to execute code of their choice on a vulnerable web server The type of code that could be run would be limited by the specific server configuration, but in most cases it would be possible for the malicious user to execute any code that an authenticated user could run.
"This would give him the ability to install and run code, add, change or delete files or web pages, or take other actions," said Microsoft.
Attackers could execute virtually any operating system command, and this would enable them to cause a wide range of damage They could potentially create new files/pages on the server, delete ones that are already there, or reformat the entire hard drive.
"This isn't the worst he [a malicious user] could do," said Microsoft "He wouldn't be limited to misusing code that already exists on the server Access to the operating system commands would give him the vulnerability to upload code of his choice to the machine and execute it."
The "patch" for this vulnerability has actually been available since August It was orignally designed to fix another vulnerability, but also closes the hole for this one If you have the most recent patches for IIS on your web server, you are already protected If you would like to get the latest IIS patches for both Versions 4.0 & 5.0, go to:
<a href="http://www.microsoft.com/technet/security/bulletin/ms00-057.asp"><font color="#003399">>http://www.microsoft.com/technet/security/bulletin/ms00-057.asp</b></font></a>
Microsoft has quickly responded to this discovery and has posted the full technical details at:
<a href="http://www.microsoft.com/technet/security/bulletin/fq00-078.asp"><font color="#003399">>http://www.microsoft.com/technet/security/bulletin/fq00-078.asp</b></font></a>
About the author
Posted by Ken Colburn of Data Doctors on October 19, 2000