Crackers can take full control on servers with the help of the IIS 5 security flaw
Results 1 to 8 of 8

Thread: Crackers can take full control on servers with the help of the IIS 5 security flaw

  1. #1
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584

    Exclamation Crackers can take full control on servers with the help of the IIS 5 security flaw

    NEW hacker tools have already been developed to exploit a security hole Microsoft announced on June 19 in its web server software, Internet Information Services (IIS) 5.0, which leaves 6 million Internet sites around the world vulnerable to attacks.

    These new tools already widely circulated on mailing lists around the world takes advantage of a "huge" security hole part of the IIS indexing component that potentially allows hackers to take complete control of a server.

    Microsoft has already released a bulletin to system administrators around the world to download and apply a patch downloadable from the company's TechNet website. It said the flaw is evident not only in its current Windows 2000 release but also IIS running on Windows NT and the beta version of Windows XP.

    According to Microsoft, if the patch is not applied soon, no "meaningful" defense could stop hackers from controlling their servers.

    The flaw stems from ISAPI extensions--or .dll files that extend the server software functionality--that are installed with IIS. A particular file in question, idq.dll, a component of Index Server or Windows 2000 Indexing Service, that supports Internet Data Queries or .idq files and administrative scripts or .ida files. In the Microsoft website, an advisory pointed out that the idq.dll file contains "an unchecked buffer in a section of code that handles input URLs."

    It added that a malicious hacker could "conduct a buffer overrun attack and execute code on the web server" when the intruder establishes a web session with the attacked system.

    "Idq.dll runs in the System context, so exploiting the vulnerability would give the attacker complete control of the server and allow him to take any desired action on it," the Microsoft advisory further said.

    Such buffer overrun can happen even before any indexing feature is requested, the advisory stressed. Because of this even if the Index Server or Indexing Service is not running, a hacker can gain control of the server with ease and abuse the vulnerability. A hacker only needs to establish a web session and a "script mapping" of .idq or .ida files were present.

    Microsoft emphasizes this is a "serious" vulnerability and urges systems administrators using IIS not to delay downloading and applying the patch, which is available at www.microsoft.com/downloads.

    According to Microsoft, there are specific patches for Windows NT, Windows 2000 Professional, Server, and Advanced Server. The Windows 2000 Datacenter Server patch can be obtained from the original equipment manufacturer. The patch for Windows XP will be distributed together with its next beta release.
    Share on Google+

  2. #2
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    And Microsoft wonders why it's the laughing stock of the world when it comes to security...and by the way, I got a call from an NT admin who wanted to know "how do we format this disk you had linux on"...buncha 9-5'ers...

    Anyways, I don't see Microshaft trying to really fix anything they call a 'product', just continuously spew out crap like XP/2000/etc.
    Long live the Open Source movement!

    As it is right now, my linux box has withheld over 4000 attempts at the CodeRed virus, mainly because Apache is superior over IIS in every form and function, period.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
    Share on Google+

  3. #3
    whenever i see someone praising windows, i tell myself, "it's just an ad, it's just an ad..."
    Share on Google+

  4. #4
    What is Microsoft Smoking when they do testing. This is the reason why Microsoft products really suck.
    Share on Google+

  5. #5
    Senior Member
    Join Date
    Oct 2001
    Posts
    872

    Re: freeOn

    What is Microsoft Smoking when they do testing. This is the reason why Microsoft products really suck.
    ...all the more reason I have Slackware Linux
    ...This Space For Rent.

    -[WebCarnage]
    Share on Google+

  6. #6
    larryjs
    Guest
    Originally posted by freeOn
    What is Microsoft Smoking when they do testing. This is the reason why Microsoft products really suck.
    Thats the whole problem....they aren't sparkin the "kind' bud!
    Share on Google+

  7. #7
    Senior Member
    Join Date
    Sep 2001
    Posts
    831
    Originally posted by larryjs
    Thats the whole problem....they aren't sparkin the "kind' bud!
    They need to learn from Larryjs's Avatar...

    -Matty_Cross
    \"Isn\'t sanity just a one trick pony anyway? I mean, all you get is one trick. Rational Thinking.
    But when you\'re good and crazy, hehe, the skies the limit!!\"
    Share on Google+

  8. #8
    Senior Member
    Join Date
    Dec 2001
    Posts
    291
    eh, they wont let their products grow up....

    NT coulda been good in about two more years, instead they pop out new children to make more $$$

    :::shrugs::: go figure at least Linux is growing up.... thats definately good to see.!

    JRC
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •