{"vuid":"VU#717748","idnumber":"717748","name":"Microsoft Internet Information Server (IIS) 4.0 contains a buffer overflow in the redirect function","keywords":["Microsoft","Internet Information Server","IIS","4.0","buffer overflow","redirect function","Q841373","MS04-021"],"overview":"There is a vulnerability in the redirect function of Microsoft's Internet Information Server (IIS) 4.0 that could allow an attacker to execute arbitrary code on an affected system.","clean_desc":"Internet Information Server (IIS) is a web server available for the Microsoft Windows operating system. IIS provides a redirect function that is responsible for forwarding incoming HTTP requests to another page. There is a buffer overflow vulnerability in the way the redirect function validates the length of incoming requests. By sending a specially crafted message to an affected system, an attacker could trigger a buffer overflow and potentially execute code of the attacker's choice. For more information, please refer to Microsoft Security Bulletin MS04-021. Note: According to the Microsoft Security Bulletin, only IIS 4.0 systems are affected.","impact":"A remote, unauthenticated attacker could execute arbitrary code on an affected system.","resolution":"Apply a patch as described in Microsoft Security Bulletin MS04-021.","workarounds":"","sysaffected":"","thanks":"This vulnerability was reported by Microsoft.","author":"This document was written by Damon Morda and based on information provided by Microsoft.","public":["http://www.microsoft.com/technet/security/bulletin/ms04-021.mspx","http://secunia.com/advisories/12061/","http://www.securitytracker.com/alerts/2004/Jul/1010692.html","http://www.securiteam.com/windowsntfocus/5UP0B15DGK.html","http://www.microsoft.com/WindowsServer2003/iis/default.mspx"],"cveids":["CVE-2004-0205"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-07-13T20:51:37Z","publicdate":"2004-07-13T00:00:00Z","datefirstpublished":"2004-07-14T15:00:56Z","dateupdated":"2004-07-14T15:09:26Z","revision":9,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"15","cam_population":"5","cam_impact":"20","cam_easeofexploitation":"9","cam_attackeraccessrequired":"20","cam_scorecurrent":"10.125","cam_scorecurrentwidelyknown":"11.8125","cam_scorecurrentwidelyknownexploited":"18.5625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":10.125,"vulnote":null}