Microsoft Issues IIS & RAS Security Alerts
Microsoft has issued two more security bulletins today. The first, and the more serious of the two, is a buffer overflow in Microsoft IIS web servers, this time in the ISAPI extension that handles HTR scripting. On IIS 4.0 an attacker who exploits it would gain complete control of the server; on IIS 5.0 the HTR extension runs under a less privileged user account, which limits the damage. Bulletin MS02-028 has
more details and a patch. Systems running URLScan or the IIS Lockdown tool in their default configurations are not affected, since both remove or block the .htr script mapping; administrators who have re-enabled HTR should apply the patch regardless.
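As an added example (not part of the original alert or of Microsoft's bulletins), the Python script below does two things an administrator would want after reading MS02-028: it triages an IIS W3C extended log for requests that reach the .htr mapping, and it checks whether a urlscan.ini still lists .htr under [DenyExtensions]. The log lines and ini fragments are constructed here, not real captures; the addresses, paths and field order are assumptions.

```python
"""Two post-MS02-028 checks for an IIS 4.0/5.0 host (added example, not from the bulletin):
1. triage a W3C extended log for requests that reach the .htr script mapping;
2. confirm that a urlscan.ini denies the .htr extension.
"""
import configparser
from collections import Counter
from typing import Dict, Iterable, Iterator, List

# Constructed sample log in IIS W3C extended format; not a real capture.
# Column names come from the #Fields header, so nothing is hard-coded below.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2002-06-12 14:00:00
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status cs(User-Agent)
2002-06-12 14:00:01 10.0.0.5 GET /default.asp - 200 Mozilla/4.0+(compatible)
2002-06-12 14:00:02 10.0.0.5 GET /images/logo.gif - 200 Mozilla/4.0+(compatible)
2002-06-12 14:00:07 192.0.2.44 POST /iisadmpwd/achg.htr - 200 -
2002-06-12 14:00:09 192.0.2.44 POST /x.HTR - 404 -
2002-06-12 14:00:15 10.0.0.9 GET /scripts/report.htr q=1 200 Mozilla/4.0+(compatible)
"""

# Constructed urlscan.ini fragments: one keeps the default .htr denial,
# one shows a configuration where an administrator removed it.
URLSCAN_DENIES_HTR = """\
[options]
UseAllowExtensions=0
[DenyExtensions]
.htr
.idq
.ida
"""

URLSCAN_ALLOWS_HTR = """\
[options]
UseAllowExtensions=0
[DenyExtensions]
.idq
.ida
"""


def parse_w3c(lines: Iterable[str]) -> Iterator[Dict[str, str]]:
    """Yield one dict per data line, keyed by the names in the #Fields header."""
    fields: List[str] = []
    for raw in lines:
        line = raw.rstrip("\r\n")
        if not line:
            continue
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if line.startswith("#"):
            continue  # other directives (#Software, #Version, #Date)
        if not fields:
            raise ValueError("data line before #Fields header")
        values = line.split(" ")
        if len(values) != len(fields):
            continue  # truncated or malformed line; skip rather than misalign columns
        yield dict(zip(fields, values))


def htr_requests(records: Iterable[Dict[str, str]]) -> List[Dict[str, str]]:
    """Requests whose path ends in .htr (case-insensitive, as IIS script mappings are)."""
    return [r for r in records if r.get("cs-uri-stem", "").lower().endswith(".htr")]


def htr_clients(records: Iterable[Dict[str, str]]) -> Dict[str, int]:
    """Count .htr requests per client address, to separate probes from legitimate use."""
    return dict(Counter(r["c-ip"] for r in htr_requests(records)))


def urlscan_denies_htr(ini_text: str) -> bool:
    """True if the [DenyExtensions] section of a urlscan.ini lists .htr."""
    # urlscan.ini lists bare extensions with no '=' so allow_no_value is required.
    cfg = configparser.ConfigParser(allow_no_value=True, delimiters=("=",))
    cfg.optionxform = str  # keep extension spelling as written
    cfg.read_string(ini_text)
    if not cfg.has_section("DenyExtensions"):
        return False
    return any(ext.lower() == ".htr" for ext in cfg["DenyExtensions"])


if __name__ == "__main__":
    recs = list(parse_w3c(SAMPLE_LOG.splitlines()))
    for ip, n in htr_clients(recs).items():
        print(f"{ip}: {n} .htr request(s)")
    print("urlscan denies .htr:", urlscan_denies_htr(URLSCAN_DENIES_HTR))
```

If the log shows .htr requests only from addresses you do not recognise, they are probes and the mapping can simply be removed; if internal clients are using HTR for real (password-change pages, for instance), that traffic is exactly what the patch has to protect, and URLScan's denial would break it.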
Bulletin MS02-029 covers a less dangerous vulnerability: a buffer overflow in the Remote Access Service phonebook that a local user could exploit to elevate privileges. Microsoft rates it 'critical' only for Windows NT 4.0 Terminal Server Edition and for Windows 2000 systems used as intranet servers; Windows NT 4.0 and Windows XP are also affected, though rated less severely.