Patch Available for *Unchecked Buffer in ISAPI Extension ...* Vulnerability

 
May 07, 2001
Microsoft has released a patch that eliminates a security vulnerability in Windows 2000's native support for Internet Printing Protocol (IPP), an industry standard for submitting and controlling print jobs over HTTP. The security vulnerability exists because the ISAPI extension contains an unchecked buffer in a section of code that handles input parameters. This could enable a remote attacker to conduct a buffer overrun attack and cause code of his or her choice to run on the server. Such code would run in the Local System security context. This would give the attacker complete control of the server, and would enable him or her to take virtually any action he or she chose.

Customer Security Bulletin (CSB01-05): Microsoft (MS01-023): Patch Available for "Unchecked Buffer in ISAPI Extension Could Enable Compromise of IIS 5.0 Server" Vulnerability


Privacy | FAQ | Site Map | About | Guidelines | Contact | Advertising | What is ColdFusion?
House of Fusion | ColdFusion Jobs | Blog of Fusion | AHP Hosting