Feeds

Exploits for several million Microsoft servers posted

This oughta be a blast....

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Several exploits have been developed for a buffer overflow vulnerability in servers running IIS 5.0 on Windows 2000 Server, Windows 2000 Advanced Server and Windows 2000 Datacenter Server, which we reported on Tuesday.

The vulnerability exists in the .printer ISAPI (Internet Server Application Programming Interface) filter (C:\WINNT\System32\msw3prt.dll), which enables Web-based control of networked printers, due to an unchecked buffer in msw3prt.dll.

A malicious HTTP .print request containing approximately 420 bytes in the 'Host:' field enables execution of arbitrary code, and if handled right will yield system-level access on the target machine.

Microsoft has posted a patch, which it 'strongly urges' admins to install; but the number of machines running IIS on Win2k is so immense (several million at least) that cracking unpatched victims will be like shooting fish in a barrel.

With that in mind, computer enthusiast dark spyrit has put together jill.c, "an exploit code that will give you a remote command shell, reverse telnet style, on a vulnerable host. This exploit code takes advantage of a vulnerability in IIS that allows remote attacker to overflow one of IIS's internal buffers causing it to execute arbitrary code."

From Wanderley Abreu we have a memory-leak exploit called webexplt.pl; and from Ryan Permeh of eEye Digital Security, which discovered the vulnerability, we have a non-malicious exploit called iishack2000.c, which creates a file in the root of drive C imploring unpatched innocents to fix their systems. ®

Related Story

Microsoft IIS hole gives System-level access

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Netscape Navigator - the browser that started it all - turns 20
It was 20 years ago today, Marc Andreeesen taught the band to play
Sway: Microsoft's new Office app doesn't have an Undo function
Content aggregation, meet the workplace ... oh
Sign off my IT project or I’ll PHONE your MUM
Honestly, it’s a piece of piss
Return of the Jedi – Apache reclaims web server crown
.london, .hamburg and .公司 - that's .com in Chinese - storm the web server charts
NetWare sales revive in China thanks to that man Snowden
If it ain't Microsoft, it's in fashion behind the Great Firewall
Chrome 38's new HTML tag support makes fatties FIT and SKINNIER
First browser to protect networks' bandwith using official spec
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.