Details of VAR-200204-0010

ID

VAR-200204-0010

CVE

CVE-2002-0074

TITLE

Microsoft Internet Information Server (IIS) contains cross-site scripting vulnerability in IIS Help Files search facility

Trust: 0.8

sources: CERT/CC: VU#883091

DESCRIPTION

Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session. Visitors to web sites that use Microsoft IIS and also issue redirect response messages are vulnerable to cross-site scripting attacks. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Microsoft IIS 4.0/5.0/5.1 Has the potential to cause problems that can lead to cross-site scripting. below 3 There are two problems. * IIS The search results page of the help file does not properly convert the metacharacters contained in the request sent by the client. * "404 not found" As part of the error page, the metacharacters included in the request from the client are sent to the client without conversion. * Internet Explorer If you are using a browser other than "302 Object Moved" As part of the error page, the metacharacters contained in the request from the client are sent to the client without conversion. A Cross Site Scripting issue exists in some versions of IIS. The HTTP Error Page created by IIS may, under some circumstances, contain HTML content which includes unsanitized user supplied input. An attacker may construct a link to a vulnerable server such that it exploits this vulnerability. When an innocent user follows this link, the script code will be reproduced by the server, and execute within the context of the vulnerable site. This may result in the exposure of sensitive data and cookie information, or allow the attacker to subvert the content and functionality of the site. It has been reported that this issue may be exploited to steal cookie-based authentication credentials from users of a number of Microsoft domains/services (such as hotmail, passport, etc.). A number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves

Trust: 4.59

sources: NVD: CVE-2002-0074 // CERT/CC: VU#883091 // CERT/CC: VU#886699 // CERT/CC: VU#520707 // JVNDB: JVNDB-2002-000080 // BID: 4483 // BID: 4487 // BID: 4486

AFFECTED PRODUCTS

vendor:	microsoft	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	microsoft	model:	iis	scope:	eq	version:	5.1	Trust: 1.7
vendor:	microsoft	model:	iis	scope:	eq	version:	5.0	Trust: 1.7
vendor:	microsoft	model:	internet information server	scope:	eq	version:	4.0	Trust: 1.6
vendor:	microsoft	model:	internet information services	scope:	eq	version:	5.0	Trust: 1.6
vendor:	microsoft	model:	iis	scope:	eq	version:	4.0	Trust: 1.4
vendor:	cisco	model:	unity server	scope:	eq	version:	2.4	Trust: 0.9
vendor:	cisco	model:	unity server	scope:	eq	version:	2.3	Trust: 0.9
vendor:	cisco	model:	unity server	scope:	eq	version:	2.2	Trust: 0.9
vendor:	cisco	model:	unity server	scope:	eq	version:	2.1	Trust: 0.9
vendor:	cisco	model:	unity server	scope:	eq	version:	2.0	Trust: 0.9
vendor:	cisco	model:	call manager	scope:	eq	version:	3.2	Trust: 0.9
vendor:	cisco	model:	call manager	scope:	eq	version:	3.1	Trust: 0.9
vendor:	cisco	model:	call manager	scope:	eq	version:	3.0	Trust: 0.9
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	5.1	Trust: 0.9
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	5.0	Trust: 0.9
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	4.5	Trust: 0.9
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	4.4	Trust: 0.9
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	4.3	Trust: 0.9
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	4.2	Trust: 0.9
vendor:	cisco	model:	building broadband service manager	scope:	eq	version:	4.0.1	Trust: 0.9
vendor:	microsoft	model:	internet information server	scope:	eq	version:	5.0	Trust: 0.6
vendor:	microsoft	model:	internet information server	scope:	eq	version:	5.1	Trust: 0.6

sources: CERT/CC: VU#883091 // CERT/CC: VU#886699 // CERT/CC: VU#520707 // BID: 4483 // BID: 4487 // BID: 4486 // JVNDB: JVNDB-2002-000080 // CNNVD: CNNVD-200204-035 // NVD: CVE-2002-0074

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-0074
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#883091
value:	15.95
Trust: 0.8
CARNEGIE MELLON:	VU#886699
value:	15.95
Trust: 0.8
CARNEGIE MELLON:	VU#520707
value:	15.95
Trust: 0.8
NVD:	CVE-2002-0074
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200204-035
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2002-0074
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

sources: CERT/CC: VU#883091 // CERT/CC: VU#886699 // CERT/CC: VU#520707 // JVNDB: JVNDB-2002-000080 // CNNVD: CNNVD-200204-035 // NVD: CVE-2002-0074

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0074

THREAT TYPE

network

Trust: 0.9

sources: BID: 4483 // BID: 4487 // BID: 4486

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 4483 // BID: 4487 // BID: 4486

CONFIGURATIONS

sources: JVNDB: JVNDB-2002-000080

PATCH

title:	MS02-018	url:	http://www.microsoft.com/technet/security/bulletin/MS02-018.asp	Trust: 0.8
title:	MS02-018	url:	http://www.microsoft.com/japan/technet/security/Bulletin/MS02-018.mspx	Trust: 0.8
title:	Microsoft internet information server Fixes for cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=134899	Trust: 0.6

sources: JVNDB: JVNDB-2002-000080 // CNNVD: CNNVD-200204-035

EXTERNAL IDS

db:	CERT/CC	id:	VU#883091	Trust: 3.5
db:	BID	id:	4483	Trust: 2.7
db:	NVD	id:	CVE-2002-0074	Trust: 2.4
db:	BID	id:	4486	Trust: 1.9
db:	OSVDB	id:	3338	Trust: 1.6
db:	CERT/CC	id:	VU#886699	Trust: 1.1
db:	CERT/CC	id:	VU#520707	Trust: 1.1
db:	BID	id:	4487	Trust: 1.1
db:	JVNDB	id:	JVNDB-2002-000080	Trust: 0.8
db:	CNNVD	id:	CNNVD-200204-035	Trust: 0.6

REFERENCES

url:	http://www.kb.cert.org/vuls/id/883091	Trust: 2.7
url:	http://www.cert.org/advisories/ca-2002-09.html	Trust: 2.4
url:	http://www.securityfocus.com/bid/4483	Trust: 2.4
url:	http://www.microsoft.com/technet/security/bulletin/ms02-018.asp	Trust: 1.6
url:	http://www.securityfocus.com/bid/4486	Trust: 1.6
url:	http://www.iss.net/security_center/static/8802.php	Trust: 1.6
url:	http://www.osvdb.org/3338	Trust: 1.6
url:	http://www.cgisecurity.com/advisory/9.txt	Trust: 1.6
url:	http://www.cisco.com/warp/public/707/microsoft-iis-vulnerabilities-ms02-018.shtml	Trust: 1.6
url:	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018	Trust: 1.6
url:	http://seclists.org/bugtraq/2002/apr/0126.html	Trust: 1.6
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a46	Trust: 1.6
url:	http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-018.asp	Trust: 0.9
url:	http://www.microsoft.com/technet/security/advisory/default.mspx	Trust: 0.9
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://www.cert.org/advisories/ca-2000-02.html	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0074	Trust: 0.8
url:	http://www.jpcert.or.jp/wr/2002/wr021401.txt	Trust: 0.8
url:	http://jvn.jp/cert/jvnca-2002-09	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0074	Trust: 0.8
url:	http://www.securityfocus.com/bid/4487	Trust: 0.8
url:	http://support.microsoft.com/default.aspx?scid=kb;en-us;q317636	Trust: 0.6
url:	http://www.kb.cert.org/vuls/id/520707	Trust: 0.3
url:	http://jscript.dk/adv/tl001/	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/886699	Trust: 0.3

CREDITS

zeno bugtraq@cgisecurity.net※Joe Smith※ jsm1th@hotmail.com

Trust: 0.6

sources: CNNVD: CNNVD-200204-035

SOURCES

db:	CERT/CC	id:	VU#883091
db:	CERT/CC	id:	VU#886699
db:	CERT/CC	id:	VU#520707
db:	BID	id:	4483
db:	BID	id:	4487
db:	BID	id:	4486
db:	JVNDB	id:	JVNDB-2002-000080
db:	CNNVD	id:	CNNVD-200204-035
db:	NVD	id:	CVE-2002-0074

LAST UPDATE DATE

2025-04-03T22:14:14.167000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#883091	date:	2002-04-10T00:00:00
db:	CERT/CC	id:	VU#886699	date:	2004-02-23T00:00:00
db:	CERT/CC	id:	VU#520707	date:	2002-04-10T00:00:00
db:	BID	id:	4483	date:	2002-04-10T00:00:00
db:	BID	id:	4487	date:	2002-04-10T00:00:00
db:	BID	id:	4486	date:	2002-04-10T00:00:00
db:	JVNDB	id:	JVNDB-2002-000080	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200204-035	date:	2020-11-24T00:00:00
db:	NVD	id:	CVE-2002-0074	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#883091	date:	2002-04-10T00:00:00
db:	CERT/CC	id:	VU#886699	date:	2002-04-10T00:00:00
db:	CERT/CC	id:	VU#520707	date:	2002-04-10T00:00:00
db:	BID	id:	4483	date:	2002-04-10T00:00:00
db:	BID	id:	4487	date:	2002-04-10T00:00:00
db:	BID	id:	4486	date:	2002-04-10T00:00:00
db:	JVNDB	id:	JVNDB-2002-000080	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200204-035	date:	2002-04-22T00:00:00
db:	NVD	id:	CVE-2002-0074	date:	2002-04-22T04:00:00