HTTP: Microsoft w3who.dll Cross-Site Scripting
This signature detects attempts to exploit a cross-site scripting vulnerability in the Microsoft W3Who Internet Server Application Programming Interface application dynamic-link library. Attackers can steal authentication credentials.
Extended Description
The Microsoft Windows 2000 Resource Kit supports many utilities designed for diagnostic administration of the Windows platform. The w3who.dll library is a utility designed to provide auditing of server configuration remotely through a Web browser. Multiple remote vulnerabilities affect the w3who.dll library of Microsoft's Windows Resource Kit. These issues are due to a failure of the library to properly sanitize and perform proper bounds checking on user-supplied input. The first two issues are cross-site scripting vulnerabilities. The final issue is a buffer overflow vulnerability. These issues may be exploited to conduct cross-site scripting attacks and execute arbitrary code with the privileges of the affected Web server. This may facilitate theft of cookie based authentication credentials, unauthorized access, privileges escalation other attacks.
Affected Products
Microsoft w3who.dll
Short Name
HTTP:XSS:MS-W3WHO-XSS
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2004-1133 Cross-Site Microsoft Scripting bid:11820 w3who.dll
Release Date
03/16/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
6.8