Detections
Analytics
MS02-053: Microsoft FrontPage Extensions shtml.exe Remote Overflow (uncredentialed check)
high Nessus Plugin ID 11311
Synopsis
An application running on the remote web server may be vulnerable to a buffer overflow attack.Description
The remote host has FrontPage Server Extensions (FPSE) installed.There is a denial of service / buffer overflow condition in the program 'shtml.exe' which comes with it. However, no public detail has been given regarding this issue yet, so it's not possible to remotely determine if you are vulnerable to this flaw or not.
If you are, an attacker may use it to crash your web server (FPSE 2000) or execute arbitrary code (FPSE 2002). Please see the Microsoft Security Bulletin MS02-053 to determine if you are vulnerable or not.
Solution
Refer to the Microsoft Security Bulletin.See Also
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2002/ms02-053
Plugin Details
Severity: High
ID: 11311
File Name: frontpage_shtml_overflow.nasl
Version: 1.36
Type: remote
Family: Web Servers
Published: 3/3/2003
Updated: 4/11/2022
Configuration: Enable paranoid mode, Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.6
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:microsoft:internet_information_server, cpe:/o:microsoft:windows
Required KB Items: Settings/ParanoidReport
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 9/25/2002
Reference Information
CVE: CVE-2002-0692
BID: 5804
MSFT: MS02-053
MSKB: 324096