Lucene search

SAINT CorporationSAINT:0C274370F0B7BD0156FA74DDD90A6A74

HistoryJul 13, 2007 - 12:00 a.m.

RSA Authentication Agent for Web for IIS chunked encoding overflow

2007-07-1300:00:00

SAINT Corporation

my.saintcorporation.com

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.666

Percentile

97.9%

JSON

Added: 07/13/2007
CVE: CVE-2005-1471
BID: 13524
OSVDB: 16164

Background

RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers.

Problem

A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary commands with LocalSystem privileges.

Resolution

A fix is available from <https://knowledge.rsasecurity.com>.

References

<http://www.kb.cert.org/vuls/id/790533>
<http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0039.html>

Limitations

Exploit works on RSA Authentication Agent For Web for IIS 5.3 on Windows 2000 SP4.

The success of this exploit depends on the system state at the time the exploit is attempted.

Platforms

Windows

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.666

Percentile

97.9%

JSON

Related for SAINT:0C274370F0B7BD0156FA74DDD90A6A74