Juniper Networks

Signature Detail


  • Short Name: HTTP:IIS:MDAC-RDS
  • Severity: High
  • Recommended: No
  • Recommended Action: Drop
  • Category: HTTP
  • Keywords: Microsoft IIS MDAC Remote Data Services Component Access
  • Release Date: 2003/04/22
  • Update Number: 1213
  • Supported Platforms: di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft IIS MDAC Remote Data Services Component Access


This signature detects attempts to exploit a known vulnerability in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC). A successful attacker can access files and other services.

Extended Description

MDAC (Microsoft Data Access Components) is a package used to integrate web and database services. It includes a component named RDS (Remote Data Services), which allows remote access over the Internet to database objects through IIS. Both are included in a default installation of the Windows NT 4.0 Option Pack, but can be excluded via a custom installation.

RDS includes a component called the DataFactory object, which has a vulnerability that could allow any web user to:

  • Obtain unauthorized access to unpublished files on the IIS server
  • Use MDAC to tunnel ODBC requests through to a remote internal or external location, thereby obtaining access to non-public servers or effectively masking the source of an attack on another network

The main risk in this vulnerability is the following:

  • If the Microsoft JET OLE DB Provider or Microsoft DataShape Provider is installed, a user could use the shell() VBA command on the server with System privileges. (See the Microsoft JET Database Engine VBA Vulnerability for more information.)

These two vulnerabilities combined can allow an attacker on the Internet to run arbitrary commands with System-level privileges on the target host.

Affected Products

  • Microsoft Data Access Components (MDAC) 1.5
  • Microsoft Data Access Components (MDAC) 2.0
  • Microsoft Data Access Components (MDAC) 2.1
  • Microsoft Data Access Components (MDAC) 2.1 CLEAN
  • Microsoft Data Access Components (MDAC) 2.1 UPGRADE
  • Microsoft IIS 3.0
  • Microsoft IIS 4.0
  • Microsoft Index Server 2.0
  • Microsoft Site Server 3.0 i386
  • Microsoft Site Server Commerce Edition 3.0 i386

References

  • BugTraq: 529
  • CVE: CVE-1999-1011
  • URL: http://www.microsoft.com/technet/security/bulletin/fq99-025.asp
  • URL: http://support.microsoft.com/support/kb/articles/q184/3/75.asp

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.