Tenable Network Security

	Nessus
	Download
	Plugins
	Newest Plugins
	Obtain an activation code
	View all plugins
	Search
	Documentation
	Register
	Buy Now
	ProfessionalFeed Support
	Bugs
	All the Tenable Products

Microsoft IIS .HTR Filter Multiple Overflows (MS02-028)

This script is Copyright (C) 2002-2010 Tenable Network Security, Inc.


Family	Web Servers
Nessus Plugin ID	11028 (iis_htr_overflow.nasl)
Bugtraq ID	4855 5003
CVE ID	CVE-2002-0364 CVE-2002-0071

Description:
Synopsis : The remote web server is affected by a buffer overflow vulnerability. Description : The remote server is vulnerable to a buffer overflow in the .HTR filter. An attacker may use this flaw to execute arbitrary code on this host (although the exploitation of this flaw is considered as being difficult). See also : http://www.microsoft.com/technet/security/bulletin/MS02-028.mspx Solution : To unmap the .HTR extension: 1.Open Internet Services Manager. 2.Right-click the Web server choose Properties from the context menu. 3.Master Properties 4.Select WWW Service -> Edit -> HomeDirectory -> Configuration 5.Remove the reference to .htr from the list. See MS bulletin MS02-028 for a patch Risk factor : High / CVSS Base Score : 7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

This is the web site for the Nessus Vulnerability Scanner from Tenable Network Security. If you are looking for the probabilistic analysis software from Southwest Research Institute, please visit www.nessus.swri.org

Microsoft IIS .HTR Filter Multiple Overflows (MS02-028)