Alert: Microsoft Security Bulletin - MS02-053

From: Russ (Russ.Cooper@RC.ON.CA)
Date: 09/26/02


Date:         Wed, 25 Sep 2002 18:35:57 -0400
From: Russ <Russ.Cooper@RC.ON.CA>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

http://www.microsoft.com/technet/security/bulletin/MS02-053.asp

Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (Q324096)

Originally posted: September 25, 2002

Summary

Who should read this bulletin: Web site administrators using Microsoft® FrontPage Server Extensions

Impact of vulnerability: Buffer overrun or denial of service

Maximum Severity Rating: Critical

Recommendation: Web site administrators should apply the patch or ensure that the SmartHTML Interpreter is not available on the server.

Affected Software:
- Microsoft FrontPage Server Extensions 2000
- Microsoft FrontPage Server Extensions 2002
- Microsoft Windows 2000 (shipped FPSE 2000)
- Microsoft Windows XP (shipped FPSE 2000)

Technical description:

The SmartHTML Interpreter (shtml.dll) is part of the FrontPage Server Extensions (FPSE), and provides support for web forms and other FrontPage-based dynamic content. The interpreter contains a flaw that could be exposed when processing a request for a particular type of web file, if the request had certain specific characteristics. This flaw affects the two versions of FrontPage Server Extensions differently. On FrontPage Server Extensions 2000, such a request would cause the interpreter to consume most or all CPU availability until the web service was restarted. An attacker could use this vulnerability to conduct a denial of service attack against an affected web server. On FrontPage Server Extensions 2002, the same type of request could cause a buffer overrun, potentially allowing an attacker to run code of his choice.

Mitigating factors:
- The IIS Lockdown Tool, if used to configure a static web server, disables the SmartHTML Interpreter. Servers on which this has been done could not be affected by the vulnerability.
- FrontPage Server Extensions install on IIS 4.0, 5.0 and 5.1 by default, but can be uninstalled if desired. Servers on which this has been done could not be affected by the vulnerability.

Vulnerability identifier: CAN-2002-0692

This email is sent to NTBugtraq automatically as a service to my subscribers. Since it's programmatically created, and since it's been a long time since anyone paid actual money for my programming skills, it may or may not look that good...;-]

I can only hope that the information it does contain can be read well enough to serve its purpose.

Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor


