Signature Detail
Short Name |
HTTP:IIS:SHAREPOINT-PRIV-ESC |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
Microsoft Sharepoint Server 2007 Privilege Escalation |
Release Date |
2008/12/09 |
Update Number |
1324 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft Sharepoint Server 2007 Privilege Escalation
This signature detects attempts to exploit a known vulnerability against Microsoft Sharepoint Server 2007. A successful attack can escalate a user's privileges, causing denial of service by executing commands that would cause load on the server; an attacker could also gain sensitive information from the Microsoft Office Sharepoint Server 2007, for example internal path names and user's e-mail addresses.
Extended Description
Microsoft SharePoint Server is prone to a vulnerability that could let remote attackers gain unauthorized access. A successful exploit will let attackers access certain administrative functions of the SharePoint Server.
Affected Products
- Microsoft SharePoint Server 2007 SP1
- Microsoft SharePoint Server 2007
- Microsoft SharePoint Server 2007 x64 SP1
- Microsoft SharePoint Server 2007 x64
References
- BugTraq: 32638
- CVE: CVE-2008-4032