CVE-2005-4360
Microsoft IIS - HTTP Request Denial of Service
Severity Score: 7.8 (CVSS v2)
Public Exploits: 4 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot).
*Credits:
N/A
Timeline
- 2005-12-19 First Exploit
- 2005-12-20 CVE Reserved
- 2005-12-20 CVE Published
- 2024-04-10 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-252: Unchecked Return Value
References (14)
URL | Tag | Source |
---|---|---|
http://securityreason.com/securityalert/271 | Third Party Advisory | |
http://securitytracker.com/alerts/2005/Dec/1015376.html | Third Party Advisory | |
http://www.osvdb.org/21805 | Broken Link | |
http://www.securityfocus.com/archive/1/419707/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/15921 | Third Party Advisory | |
http://www.us-cert.gov/cas/techalerts/TA07-191A.html | Third Party Advisory | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1703 | Signature |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/1376 | 2005-12-19 | |
https://www.exploit-db.com/exploits/1377 | 2005-12-19 | |
http://ingehenriksen.blogspot.com/2005/12/microsoft-iis-remote-dos-dll-url.html | 2024-08-07 | |
http://secunia.com/advisories/18106 | 2024-08-07 |
URL | Date | SRC |
---|---|---|
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-041 | 2021-11-08 |
URL | Date | SRC |
---|---|---|
http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html | 2021-11-08 | |
http://www.vupen.com/english/advisories/2005/2963 | 2021-11-08 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Microsoft | Internet Information Services | 5.1 | - | Affected |
in: Microsoft | Windows XP | - | sp2, professional | Safe |