OVAL Repository - View Definition: oval:org.mitre.oval:def:29

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:29		Version: 7 Last Modified: 2011-04-26
Title:	Windows 2000 IIS Heap Overrun in HTR Chunked Encoding
Description:	Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2002-0364
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft Internet Information Server (IIS)
Definition Synopsis:
Software section IIS major version equals 5 AND IIS minor version equals 0 AND File %windir%\system32\inetsrv\ism.dll version is less than 5.0.2195.5671 AND NOT Patch Q321599 Installed AND NOT Patch Q327696 Installed AND NOT Patch Q811114 Installed AND NOT Win2K/XP/2003 service pack 3 (or later) is installed AND Configuration section ism.dll mapping exists

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest