HTTP: Microsoft IIS ISAPI RSA WebAgent Redirect Overflow
This signature detects attempts to exploit a known vulnerability in the Microsoft IIS ISAPI RSA WebAgent. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Simple HTTP Scanner is reportedly prone to multiple unspecified security vulnerabilities. The cause and impact of this issue are currently unknown. This BID will be updated when more information becomes available. Versions prior to 0.4 are vulnerable to these issues.
Affected Products
Simple_http_scanner simple_http_scanner
References
BugTraq: 20151
CVE: CVE-2005-4734
URL: https://knowledge.rsasecurity.com/dlcpages/rsa_securid/securid_dlc_aaweb.asp
Short Name
HTTP:ISAPI-RSA-WEB
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2005-4734 IIS ISAPI Microsoft Overflow RSA Redirect WebAgent bid:20151
Release Date
11/10/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Simple_http_scanner
CVSS Score
6.4