Details of VAR-200204-0007

ID

VAR-200204-0007

CVE

CVE-2002-0071

TITLE

Microsoft Internet Information Server (IIS) vulnerable to heap overflow during processing of crafted ".htr" request by "ISM.DLL" ISAPI filter

Trust: 0.8

sources: CERT/CC: VU#363715

DESCRIPTION

Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. Microsoft IIS In HTR The request is processed incorrectly and is invalid HTR There is a vulnerability that overflows in the heap area by receiving a request.ISM.DLL An arbitrary code may be executed with the execution right. This condition affects IIS 4.0, IIS 5.0 and may be effectively mitigated by disabling the extension. Exploitation of this vulnerability may result in a denial of service or allow for a remote attacker to execute arbitrary instructions on the victim host. A number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves

Trust: 2.7

sources: NVD: CVE-2002-0071 // CERT/CC: VU#363715 // JVNDB: JVNDB-2002-000077 // BID: 4474 // VULMON: CVE-2002-0071

AFFECTED PRODUCTS

vendor:	microsoft	model:	internet information server	scope:	eq	version:	4.0	Trust: 1.6
vendor:	microsoft	model:	internet information services	scope:	eq	version:	5.0	Trust: 1.6
vendor:	microsoft	model:	iis	scope:	eq	version:	5.0	Trust: 1.1
vendor:	microsoft	model:	iis	scope:	eq	version:	4.0	Trust: 1.1
vendor:	microsoft	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	internet information server	scope:	eq	version:	5.0	Trust: 0.6
vendor:	cisco	model:	unity server	scope:	eq	version:	2.4	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	2.3	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	2.1	Trust: 0.3
vendor:	cisco	model:	unity server	scope:	eq	version:	2.0	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	5.1	Trust: 0.3
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	4.5	Trust: 0.3
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	4.4	Trust: 0.3
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	4.3	Trust: 0.3
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	4.2	Trust: 0.3
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	4.0.1	Trust: 0.3

sources: CERT/CC: VU#363715 // BID: 4474 // JVNDB: JVNDB-2002-000077 // CNNVD: CNNVD-200204-024 // NVD: CVE-2002-0071

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-0071
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#363715
value:	9.00
Trust: 0.8
NVD:	CVE-2002-0071
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200204-024
value:	HIGH
Trust: 0.6
VULMON:	CVE-2002-0071
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2002-0071
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

sources: CERT/CC: VU#363715 // VULMON: CVE-2002-0071 // JVNDB: JVNDB-2002-000077 // CNNVD: CNNVD-200204-024 // NVD: CVE-2002-0071

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0071

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200204-024

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 4474 // CNNVD: CNNVD-200204-024

CONFIGURATIONS

sources: JVNDB: JVNDB-2002-000077

PATCH

title:	MS02-018	url:	http://www.microsoft.com/technet/security/bulletin/MS02-018.asp	Trust: 0.8
title:	MS02-018	url:	http://www.microsoft.com/japan/technet/security/bulletin/MS02-018.mspx	Trust: 0.8
title:	Cisco: Microsoft IIS Vulnerabilities in Cisco Products - MS02-018	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20020415-ms02-018	Trust: 0.1

sources: VULMON: CVE-2002-0071 // JVNDB: JVNDB-2002-000077

EXTERNAL IDS

db:	BID	id:	4474	Trust: 3.6
db:	CERT/CC	id:	VU#363715	Trust: 3.6
db:	NVD	id:	CVE-2002-0071	Trust: 2.5
db:	OSVDB	id:	3325	Trust: 1.7
db:	JVNDB	id:	JVNDB-2002-000077	Trust: 0.8
db:	CERT/CC	id:	CA-2002-09	Trust: 0.6
db:	MS	id:	MS02-018	Trust: 0.6
db:	BUGTRAQ	id:	20020411 KPMG-2002010: MICROSOFT IIS .HTR ISAPI BUFFER OVERRUN	Trust: 0.6
db:	XF	id:	8799	Trust: 0.6
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:45	Trust: 0.6
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:130	Trust: 0.6
db:	ATSTAKE	id:	A041002-1	Trust: 0.6
db:	CISCO	id:	20020415 MICROSOFT IIS VULNERABILITIES IN CISCO PRODUCTS - MS02-018	Trust: 0.6
db:	CNNVD	id:	CNNVD-200204-024	Trust: 0.6
db:	VULMON	id:	CVE-2002-0071	Trust: 0.1

sources: CERT/CC: VU#363715 // VULMON: CVE-2002-0071 // BID: 4474 // JVNDB: JVNDB-2002-000077 // CNNVD: CNNVD-200204-024 // NVD: CVE-2002-0071

REFERENCES

url:	http://www.securityfocus.com/bid/4474	Trust: 3.3
url:	http://www.kb.cert.org/vuls/id/363715	Trust: 2.9
url:	http://www.atstake.com/research/advisories/2002/a041002-1.txt	Trust: 2.5
url:	http://www.cert.org/advisories/ca-2002-09.html	Trust: 2.5
url:	http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml	Trust: 1.7
url:	http://www.iss.net/security_center/static/8799.php	Trust: 1.7
url:	http://www.osvdb.org/3325	Trust: 1.7
url:	http://www.microsoft.com/technet/security/bulletin/ms02-018.asp	Trust: 1.4
url:	http://marc.info/?l=bugtraq&m=101854087828265&w=2	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a45	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a130	Trust: 1.1
url:	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018	Trust: 1.1
url:	http://www.microsoft.com/downloads/release.asp?releaseid=37931	Trust: 0.8
url:	http://www.microsoft.com/downloads/release.asp?releaseid=37824	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0071	Trust: 0.8
url:	http://www.jpcert.or.jp/wr/2002/wr021401.txt	Trust: 0.8
url:	http://jvn.jp/cert/jvnca-2002-09	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0071	Trust: 0.8
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=101854087828265&w=2	Trust: 0.6
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:45	Trust: 0.6
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:130	Trust: 0.6
url:	http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-018.asp	Trust: 0.3
url:	http://support.microsoft.com/default.aspx?scid=kb;en-us;q317636	Trust: 0.3
url:	http://www.microsoft.com/technet/security/advisory/default.mspx	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CERT/CC: VU#363715 // VULMON: CVE-2002-0071 // BID: 4474 // JVNDB: JVNDB-2002-000077 // CNNVD: CNNVD-200204-024 // NVD: CVE-2002-0071

CREDITS

Dave Aitel※ dave@immunitysec.com※Peter Gründl※ pgrundl@kpmg.dk

Trust: 0.6

sources: CNNVD: CNNVD-200204-024

SOURCES

db:	CERT/CC	id:	VU#363715
db:	VULMON	id:	CVE-2002-0071
db:	BID	id:	4474
db:	JVNDB	id:	JVNDB-2002-000077
db:	CNNVD	id:	CNNVD-200204-024
db:	NVD	id:	CVE-2002-0071

LAST UPDATE DATE

2025-04-03T22:25:21.585000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#363715	date:	2004-02-23T00:00:00
db:	VULMON	id:	CVE-2002-0071	date:	2018-10-30T00:00:00
db:	BID	id:	4474	date:	2002-04-10T00:00:00
db:	JVNDB	id:	JVNDB-2002-000077	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200204-024	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2002-0071	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#363715	date:	2002-04-10T00:00:00
db:	VULMON	id:	CVE-2002-0071	date:	2002-04-22T00:00:00
db:	BID	id:	4474	date:	2002-04-10T00:00:00
db:	JVNDB	id:	JVNDB-2002-000077	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200204-024	date:	2002-04-22T00:00:00
db:	NVD	id:	CVE-2002-0071	date:	2002-04-22T04:00:00