Microsoft IIS .HTR ISAPI Filter Enabled

high Nessus Plugin ID 10932

Synopsis

The remote web server is affected by a buffer overflow vulnerability.

Description

The IIS server appears to have the .HTR ISAPI filter mapped.

At least one remote vulnerability has been discovered for the .HTR filter. This is detailed in Microsoft Advisory MS02-018, and gives remote SYSTEM level access to the web server.

It is recommended that, even if you have patched this vulnerability, you unmap the .HTR extension and any other unused ISAPI extensions if they are not required for the operation of your site.

Solution

Apply the patch referenced above.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2002/ms02-018

http://www.nessus.org/u?071241d5

Plugin Details

Severity: High

ID: 10932

File Name: iis_htr_isapi.nasl

Version: 1.40

Type: remote

Family: Web Servers

Published: 4/10/2002

Updated: 5/28/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:microsoft:iis

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 4/10/2002

Exploitable With

Metasploit (MS02-018 Microsoft IIS 4.0 .HTR Path Overflow)

Reference Information

CVE: CVE-2002-0071

BID: 4474

MSFT: MS02-018

MSKB: 319733