MS Index Server and Indexing Service ISAPI Extension Buffer Overflow Vulnerability

MS Index Server and Indexing Service ISAPI Extension Buffer Overflow Vulnerability

References:

A Very Real and Present Threat to the Internet (Microsoft)
All versions of Microsoft Internet Information Services Remote buffer overflow ( (eEye Digital Security)
CERT Advisory CA-2001-23: Continuing Threat of the "Code Red" Worm (CERT)
CERT Incident Note IN-2001-08: "Code Red" Worm Exploiting Buffer Overflow in IIS (CERT)
CERT Incident Note IN-2001-09: "Code Red II:" Another Worm Exploiting Buffer Ove (CERT)
CERT Incident Note IN-2001-10: "Code Red" Worm Crashes IIS 4.0 Servers with URL (CERT)
CERT® Advisory CA-2001-13 Buffer Overflow In IIS Indexing Service DLL (CERT)
CERT® Advisory CA-2001-19 "Code Red" Worm Exploiting Buffer Overflow In IIS Inde (CERT)
Cisco Security Advisory: "Code Red" Worm - Customer Impact (Cisco)
IIS IDA-IDQ exploit (CORE Security)
Microsoft Internet Information Server 4.0 Security Checklist (Microsoft)
Microsoft Security Bulletin MS01-033 (Microsoft)
Post-Windows NT 4.0 Service Pack 6a Security Rollup Package (SRP) Now Available (Microsoft)
Secure Internet Information Services 5 Checklist (Microsoft)
Tool to eliminate the obvious effects of the Code Red II worm (Microsoft)
Using Network-Based Application Recognition and Access Control Lists for Blockin (Cisco Systems)
X-Force Response to Concern About the "Code Red" Worm (ISS)

Privacy Statement
Copyright 2010, SecurityFocus