- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 20818
- Проверка EDB
-
- Пройдено
- Автор
- CYRUS THE GREAT
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2001-0241
- Дата публикации
- 2001-05-01
Код:
source: https://www.securityfocus.com/bid/2674/info
Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer request containing approx 420 bytes in the 'Host:' field will allow the execution of arbitrary code. Typically a web server would stop responding in a buffer overflow condition; however, once Windows 2000 detects an unresponsive web server it automatically performs a restart. Therefore, the administrator will be unaware of this attack.
* If Web-based Printing has been configured in group policy, attempts to disable or unmap the affected extension via Internet Services Manager will be overridden by the group policy settings.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/20818.zip- Источник
- www.exploit-db.com
