{"vuid":"VU#395588","idnumber":"395588","name":"Microsoft Internet Information Services vulnerable to remote code execution via specially crafted ASP file","keywords":["Microsoft","Internet Information Services","IIS","remote code execution","ASP file","ms06-jul"],"overview":"Microsoft Internet Information Services (IIS) contains a buffer overflow vulnerability. This may allow a remote, authenticated attacker to execute arbitrary code on a vulnerable system.","clean_desc":"IIS IIS is a web server that comes with Microsoft Windows. ASP ASP (Active Server Pages) is a technology for creating dynamic web sites. IIS includes the ability to serve ASP content. The problem IIS contains a buffer overflow in the handling of specially crafted ASP pages.","impact":"A remote, authenticated attacker may be able to run arbitrary code on a vulnerable system. This code would run with the privileges of IWAM_<machinename> on a system with IIS 5.0 and 5.1, and it would run with NetworkService privileges on a system with IIS 6.0.","resolution":"Apply an update\nThis vulnerability is addressed by the updates provided by MS06-034.","workarounds":"","sysaffected":"","thanks":"Thanks to Microsoft for reporting this vulnerability, who in turn credit Brett Moore of Security-Assessment.com.","author":"This document was written by Will Dormann.","public":["h","t","t","p",":","/","/","w","w","w",".","m","i","c","r","o","s","o","f","t",".","c","o","m","/","t","e","c","h","n","e","t","/","s","e","c","u","r","i","t","y","/","b","u","l","l","e","t","i","n","/","m","s","0","6","-","0","3","4",".","m","s","p","x"],"cveids":["CVE-2006-0026"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-07-11T18:45:44Z","publicdate":"2006-07-11T00:00:00Z","datefirstpublished":"2006-07-11T20:22:52Z","dateupdated":"2006-07-19T12:28:42Z","revision":8,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"17","cam_population":"20","cam_impact":"14","cam_easeofexploitation":"10","cam_attackeraccessrequired":"10","cam_scorecurrent":"19.425","cam_scorecurrentwidelyknown":"19.425","cam_scorecurrentwidelyknownexploited":"29.925","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":19.425,"vulnote":null}