ISAPI.IDA.Overflow

description-logoDescription

This indicates an attempt to exploit a buffer overflow vulnerability in Microsoft Internet Information Services (IIS) indexing extension.
IIS installs several Internet Service Application Programming Interface (ISAPI) extensions by default. The Internet Data Administration (.ida) filter provides support for administrative scripts. Due to inadequate user input sanitization, a remote attacker can execute arbitrary code on a target system by passing it a specially crafted message.

affected-products-logoAffected Products

IIS 4.0 or 5.0

Impact logoImpact

System compromise: remote code execution.

recomended-action-logoRecommended Actions

Upgrade the system to the latest non-vulnerable version or apply patch http://www.microsoft.com/technet/security/Bulletin/MS01-033.mspx.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-02-22 14.559

References

1