VAR-200310-0075
Vulnerability from variot - Updated: 2023-12-18 13:35Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server (IIS) via a certain URL through SSL. This vulnerability could be exploited to crash the underlying Microsoft IIS web server. It should be noted that the service may be automatically restarted. It is not known if this issue affects other platforms or can be exploited to crash other underlying web server implementations. The researchers who discovered this vulnerability are currently investigating the possibility of exploiting this issue to execute arbitrary code, though sufficient details are not available regarding this at the time of writing. This BID will be updated if more details become available. RealSecure Server Sensor is a set of intrusion detection and immediate response system based on host-base and network-base. Remote attackers can exploit this vulnerability to perform denial-of-service attacks on services. It's unclear if other platforms are affected by the vulnerability. [enteredgelogo.jpg]
EnterEdge Technology takes a holistic approach to ensuring the Confidentiality, Integrity and Availability of data. By
combining best-of-breed technology with security expertise, education and managed security services, EnterEdge helps
organizations lower costs and improve efficiencies.
By simply sending a properly formatted URL via SSL, the ISAPI filter will crash IIS shutting down the service entirely.
We are currently testing this vulnerability in XPU 20.16 and 20.18 for remote code execution or code redirection.
We contacted ISS on or about August 14th concerning this issue. ISS has since released XPU 20.19 which addresses this specific issue.
Credit: EnterEdge Technology, LLC
Copyright (c) 1998-2003 EnterEdge Technology Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way without express consent of EnterEdge Technology. If you wish to reprint the whole or any part of this alert in any other medium excluding electronic medium, please e-mail research@enteredge.com for permission.
Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk.
Feedback Please send suggestions, updates, and comments to: research@enteredge.com EnterEdge Technology http://www.enteredge.com
Copyright \xa9 2001 EnterEdge Technology, LLC 5500 Interstate N. Pkwy Suite 440 Atlanta, GA 30328
Phone: 770.955.9899 Fax 770.955.9896
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200310-0075",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 1.6,
"vendor": "iss",
"version": "7.0"
},
{
"model": "realsecure server sensor",
"scope": "eq",
"trust": 0.8,
"vendor": "the internet security",
"version": "7.0"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.18"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.16"
},
{
"model": "security systems realsecure server sensor xpu",
"scope": "ne",
"trust": 0.3,
"vendor": "internet",
"version": "7.020.19"
}
],
"sources": [
{
"db": "BID",
"id": "8550"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu20.16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:iss:realsecure_server_sensor:7.0:xpu20.18:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0702"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "EnterEdge Technology",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0702",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2003-0702",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-7527",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0702",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200310-041",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-7527",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7527"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server (IIS) via a certain URL through SSL. This vulnerability could be exploited to crash the underlying Microsoft IIS web server. It should be noted that the service may be automatically restarted. \nIt is not known if this issue affects other platforms or can be exploited to crash other underlying web server implementations. \nThe researchers who discovered this vulnerability are currently investigating the possibility of exploiting this issue to execute arbitrary code, though sufficient details are not available regarding this at the time of writing. This BID will be updated if more details become available. RealSecure Server Sensor is a set of intrusion detection and immediate response system based on host-base and network-base. Remote attackers can exploit this vulnerability to perform denial-of-service attacks on services. It\u0027s unclear if other platforms are affected by the vulnerability. \n [enteredgelogo.jpg]\n \n \n EnterEdge Technology takes a holistic approach to ensuring the Confidentiality, Integrity and Availability of data. By\n combining best-of-breed technology with security expertise, education and managed security services, EnterEdge helps\n organizations lower costs and improve efficiencies. \n\n By simply sending a properly formatted URL via SSL, the ISAPI filter will crash IIS shutting down the service entirely. \n\n We are currently testing this vulnerability in XPU 20.16 and 20.18 for remote code execution or code redirection. \n\n We contacted ISS on or about August 14th concerning this issue. ISS has since released XPU 20.19 which addresses this\n specific issue. \n\n Credit: EnterEdge Technology, LLC\n\n Copyright (c) 1998-2003 EnterEdge Technology\n Permission is hereby granted for the redistribution of this alert electronically. It is not to be edited in any way\n without express consent of EnterEdge Technology. If you wish to reprint the whole or any part of this alert in any other\n medium excluding electronic medium, please e-mail research@enteredge.com for permission. \n\n Disclaimer\n The information within this paper may change without notice. Use of this information constitutes acceptance for use in an\n AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any\n damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this\n information is at the user\u0027s own risk. \n\n Feedback\n Please send suggestions, updates, and comments to: research@enteredge.com\n EnterEdge Technology http://www.enteredge.com\n\n Copyright \\xa9 2001 EnterEdge Technology, LLC 5500 Interstate N. Pkwy Suite 440 Atlanta, GA 30328\n Phone: 770.955.9899 Fax 770.955.9896\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "BID",
"id": "8550"
},
{
"db": "VULHUB",
"id": "VHN-7527"
},
{
"db": "PACKETSTORM",
"id": "31598"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-7527",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7527"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-0702",
"trust": 2.9
},
{
"db": "XF",
"id": "13088",
"trust": 1.4
},
{
"db": "BID",
"id": "8550",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20030905 ISS SERVER SENSOR DENIAL OF SERVICE",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "31598",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-7527",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7527"
},
{
"db": "BID",
"id": "8550"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "PACKETSTORM",
"id": "31598"
},
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"id": "VAR-200310-0075",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7527"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:35:51.430000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.isskk.co.jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0702"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.enteredge.com/research/can-2003-0702.asp"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/13088"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13088"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=106278164225389\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0702"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0702"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/8550"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106278164225389\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.iss.net/products_services/enterprise_protection/rsserver/protector_server.php"
},
{
"trust": 0.3,
"url": "/archive/1/336307"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106278164225389\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0702"
},
{
"trust": 0.1,
"url": "http://www.enteredge.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7527"
},
{
"db": "BID",
"id": "8550"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "PACKETSTORM",
"id": "31598"
},
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-7527"
},
{
"db": "BID",
"id": "8550"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"db": "PACKETSTORM",
"id": "31598"
},
{
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-10-20T00:00:00",
"db": "VULHUB",
"id": "VHN-7527"
},
{
"date": "2003-09-05T00:00:00",
"db": "BID",
"id": "8550"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"date": "2003-09-09T03:28:46",
"db": "PACKETSTORM",
"id": "31598"
},
{
"date": "2003-10-20T04:00:00",
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"date": "2003-09-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-7527"
},
{
"date": "2009-07-11T23:56:00",
"db": "BID",
"id": "8550"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000263"
},
{
"date": "2017-07-11T01:29:35.337000",
"db": "NVD",
"id": "CVE-2003-0702"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISS RealSecure Server Sensor In URL request Service disruption due to incomplete processing (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000263"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-041"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…