Signature Detail

HTTP: IIS Crafted ASP URL Request

This signature detects invalid HTTP requests to Microsoft Internet Information Server. An attacker can send these crafted URLs to a vulnerable Web server and execute code.

Extended Description

Microsoft IIS is prone to a remote code-execution vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the vulnerable application, which may lead to the complete compromise of affected computers. This issue affects Microsoft IIS 5.1 running on Windows XP SP2. Note: this issue was previously reported as a denial-of-service vulnerability. New information from the vendor states that code execution is possible.

Affected Products

• Avaya Messaging Application Server MM 2.0
• Avaya Messaging Application Server MM 3.0
• Avaya Messaging Application Server MM 3.1
• Microsoft IIS 5.1

References

• BugTraq: 15921
• CVE: CVE-2005-4360
• URL: http://www.microsoft.com/technet/security/Bulletin/MS07-041.mspx
• URL: http://www.securityfocus.com/archive/1/archive/1/419707/100/0/threaded
• URL: http://securitytracker.com/alerts/2005/Dec/1015376.html