HTTP: Windows Media Services NSIISlog.DLL Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Microsoft Windows Media Services, included with Microsoft Windows 2000 Server SP4. Attackers can send a maliciously crafted HTTP "POST" request to overflow the buffer and cause a denial of service or execute arbitrary code.
Extended Description
Microsoft has reported a buffer overflow vulnerability in Windows Media Services. This is due to a problem with how the logging ISAPI extension handles incoming client requests. This could cause arbitrary code execution in IIS, which is exploitable through Media Services.
Affected Products
Microsoft windows_nt
Short Name
HTTP:IIS:NSIISLOG-OF
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2003-0227 CVE-2003-0349 Media NSIISlog.DLL Overflow Services Windows bid:7727 bid:8035
Release Date
07/23/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5
5.0