10

CVE-2001-0500

Exploit
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftIndex Server Version2.0
MicrosoftIndexing Service Editionwindows_2000
MicrosoftInternet Information Server Updatebeta Version <= 6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 96.73% 0.999
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.cert.org/advisories/CA-2001-13.html
Patch
Third Party Advisory
US Government Resource
Exploit
http://www.ciac.org/ciac/bulletins/l-098.shtml
http://www.iss.net/security_center/static/6705.php
http://www.securityfocus.com/archive/1/191873
http://www.securityfocus.com/bid/2880
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-033
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A197