Signature Detail
Short Name |
HTTP:IIS:DLL-URL-REQ |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft IIS .DLL URL Remote Code Execution |
Release Date |
2005/12/21 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft IIS .DLL URL Remote Code Execution
This signature detects attempts to exploit a known vulnerability in Microsoft Internet Information Service (IIS). Attackers can send malformed URL requests that can trigger a denial-of-service condition or in worst cases would allow an attacker to execute remote code on the target system.
Extended Description
Microsoft IIS is prone to a remote code-execution vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the vulnerable application, which may lead to the complete compromise of affected computers. This issue affects Microsoft IIS 5.1 running on Windows XP SP2. Note: this issue was previously reported as a denial-of-service vulnerability. New information from the vendor states that code execution is possible.
Affected Products
- Avaya Messaging Application Server MM 2.0
- Avaya Messaging Application Server MM 3.0
- Avaya Messaging Application Server MM 3.1
- Microsoft IIS 5.1
References