PRWeb The Leader Press Release Distribution
See How PRWeb Works

We're here to help 1-866-640-6397

Login Create Free Account

Why PRWeb Customer Examples Pricing Tools & Tips

All Press Releases for June 21, 2001 Subscribe to this News Feed    
 

eEye Digital Security Announces Major Vulnerability in All Versions of Microsoft® IIS Web Server Software

Security Vulnerability Gives Attackers Full Control Over Any Web Server Running Microsoft Windows® NT 4.0, Windows 2000, or Windows XP with Internet Information Services IIS

(PRWEB) June 21, 2001 -- eEye Digital Security announces the discovery of a major security vulnerability in Microsofts (www.microsoft.com) IIS Web Server software. The vulnerability lies within the code that allows a Web server to interact with Microsoft Indexing Service functionality. The vulnerable Indexing Service ISAPI filter is installed by default on all versions of IIS. The problem lies in the fact that the .ida (Indexing Service) ISAPI filter does not perform proper "bounds checking" on user inputted buffers and therefore is susceptible to buffer overflow attacks.

Attackers that leverage the vulnerability can, from a remote location, gain full SYSTEM access to any server that is running a default installation of Windows NT 4.0, Windows 2000, or Windows XP and using Microsofts IIS Web Server software. With system-level access, an attacker can perform any desired action, including installing and running programs, manipulating Web server databases, adding, changing or deleting files and Web pages, and more.

eEye stressed the extreme seriousness of this vulnerability. Network administrators are urged to immediately install the patch released by Microsoft at www.microsoft.com/technet/security.

According to Netcraft (www.netcraft.com), there are roughly 5.9 Million Web servers running IIS. It is safe to say that because the vulnerability is within a default IIS component that, at the very least, 50% of these servers have the .ida extension running, making this one of, if not the single largest vulnerability in IIS to date.

As stated earlier, all versions of Microsofts IIS Web server software are vulnerable to this flaw. This includes Windows XP- Microsofts next-generation Operating System. Microsoft is taking the necessary steps to patch Windows XP before the final version ships to customers.

eEye alerted Microsofts security team immediately upon discovery of the vulnerability and has worked closely with Microsoft on the development of a patch and the expeditious alerting of administrators worldwide. An exploit program was developed by eEye that can be run against any vulnerable IIS Web server and in a matter of minutes produce a remote command prompt to which an attacker could connect and execute commands with system-level access. eEye has shared the exploit with Microsoft and decided not to release the exploit to the general public given the potential abuse by malicious individuals.

This vulnerability is further proof of the need for network and application based security," said Marc Maiffret, Chief Hacking Officer at eEye Digital Security. While firewalls and Intrusion Detection Systems are necessary, they are not enough to ensure the total security of a network."

eEye has recently released a new product, SecureIIS, that acts as an application firewall" for IIS. SecureIIS protects servers running IIS from known and unknown hacker attacks. By working within IIS, SecureIIS monitors all incoming and outgoing traffic looking for classes of attacks and securing against them.

Clients that had SecureIIS installed on their servers were already protected from this latest vulnerability before the advisory was released," said Maiffret.


About eEye Digital Security
eEye Digital Security is a leading developer of high-end network security products and an active contributor to network security research and education. eEye offers a variety of network security products targeted at IT administrators and consultants alike. eEye products are focused on "proactive" security. These products work in conjunction with popular tools such as firewalls and Intrusion Detection Systems to deliver comprehensive assurance. The eEye products include Retina, the Network Vulnerability Scanner, SecureIIS, the IIS Application Firewall, and Iris, the Network Traffic Analyzer.
www.eEye.com    ; www.eEye.com/Retina    ; www.eEye.com/SecureIIS    ; www.eEye.com/Iris


CONTACT:
UK               
Kunle Barker            
Ecompany UK            
02088323798            
kbarker@ecompany.net          
OPTIONS
Printer Friendly Version
Email this story to a colleague
CONTACT INFORMATION
Kunle Barker
Ecompany
02088323798
Email us Here
ATTACHED FILES

There are no multimedia files attached to this release. If this is your release, you may add images or other multimedia files through your PRWeb News Management Console.
ABOUT PRESS RELEASES
If you have any questions regarding information in these press releases please contact the company listed in the press release. Please do not contact PRWeb. We will be unable to assist you with your inquiry. PRWeb disclaims any content contained in these release. Our complete disclaimer appears here.
 

© Copyright 1997-2009, Vocus PRW Holdings, LLC.
Vocus, PRWeb and Publicity Wire are trademarks or registered trademarks of Vocus, Inc. or Vocus PRW Holdings, LLC.

About PRWeb | News about PRWeb | Contact Us | Terms of Service | Privacy Policy | Copyright