Detections
Analytics

MS01-035: Microsoft IIS FrontPage fp30reg.dll Remote Overflow (uncredentialed check)

high Nessus Plugin ID 10699

Synopsis

The remote web server is prone to a buffer overflow attack.

Description

Microsoft IIS, running Frontpage extensions, is vulnerable to a remote buffer overflow attack. An attacker, exploiting this bug, may gain access to confidential data, critical business processes, and elevated privileges on the attached network.

Solution

Install either SP4 for Windows 2000 or apply the fix described in Microsoft Bulletin MS01-035.

See Also

http://www.nessus.org/u?fb5e7e9d

Plugin Details

Severity: High

ID: 10699

File Name: frontpage_overflow.nasl

Version: 1.51

Type: remote

Family: Web Servers

Published: 6/26/2001

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:microsoft:windows, cpe:/a:microsoft:internet_information_server

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 6/25/2001

Reference Information

CVE: CVE-2001-0341

BID: 2906

MSFT: MS01-035

MSKB: 300477