1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Unchecked Buffer in Content Management Server Could Enable Server Compromise: Aug 7

Discussion in 'Web & Email' started by eddie5659, Aug 7, 2002.

Thread Status:
Not open for further replies.
  1. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    35,186
    Hiya

    Microsoft Content Management Server (MCMS) 2001 is a .Net Enterprise
    Server product that simplifies developing and managing e-business
    web sites. Microsoft has learned of three security vulnerabilities
    affecting it:

    - A buffer overrun in a low-level function that performs user
    authentication. At least one web page included with MCMS 2001
    passes inputs directly to the function, thereby potentially
    providing a way for an attacker to overrun the buffer. The
    result of exploiting the vulnerability would be to either
    cause MCMS to fail, or run code in the context of the MCMS
    service (which runs as Local System).

    - A vulnerability resulting from the confluence of two flaws
    affecting a function that allows files to be uploaded to the
    server. The first flaw lies in how the function authenticates
    requests, and would allow any user to submit an upload request.
    The second results because it is possible to override the upload
    location; where the function should upload files to a folder that
    only privileged users can access, it can be overridden to upload
    it to a temporary folder that does allow unprivileged users to
    call it. By exploiting the two flaws in tandem, an attacker
    could upload an .ASP or other file to the server, in a location
    from which it could be executed.

    - A SQL injection vulnerability affecting a function that services
    requests for image files and other resources. Exploiting the
    vulnerability could enable an attacker to run SQL commands on the
    server, which would not only allow data in the MCMS database to
    be added, changed or deleted, but also would enable the attacker
    to run operating system commands on the server.


    Maximum Severity Rating: Critical

    Affected Software:

    Microsoft Content Management Server 2001


    Download locations for this patch

    Microsoft Content Management Server 2001:


    http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41266

    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-041.asp

    Regards

    eddie
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Unchecked Buffer Content
  1. Dkapiate
    Replies:
    2
    Views:
    293
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/90410

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice