-----BEGIN PGP SIGNED MESSAGE-----

Microsoft have today released a patch for both Index Server 2.0
(which runs on NT 4.0 with the NT 4.0 Option Kit) and Indexing
Service for Windows 2000 that eliminates a buffer overrun which could
be used to gain System privilege on such a box.

If you've installed IIS 4.0 or 5.0 then you are vulnerable, unless
you've taken previous recommendations to remove the script mappings
for .ida and .idq. If you haven't, then do so through Internet
Services Manager, Web server, Properties, Master Properties, WWW
Service, Edit, HomeDirectory, Configuration. Remove the following
mappings;

.ida
.idq

also make sure you have removed the following;

.htr
.htw
.stm
.shtm
.shtml
.printer

Microsoft have released a patched version of idq.dll, the application
responsible for the overrun. Check out their Security Bulletin for
the appropriate version.

http://www.microsoft.com/technet/security/bulletin/MS01-033.asp

Note: I always took the Index Services to be part of the IIS
distribution, so I expected to see a cumulative patch of all previous
IIS fixes in this one. Index is not part of IIS, and so the patch
only includes an updated idq.dll. It is, however, cumulative for the
other patches to idq.dll that have been released, including MS01-025
and MS00-006. In case you're wondering, MS00-084 isn't superceded by
this patch because its not idq.dll.

Clear as mud?

Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.2

iQCVAwUBOy6MchBh2Kw/l7p5AQHJzAQAnTQ5bD/eamlRCLUtbFJoa8hdl4ex74BG
2FYU6N31vcOnwVXQvIBKzGEO74KyWzBlO3UXKvwN3r2uvtd/F6r4Ka84zTDm5+06
aksuxA5Nuqbi1P6bB+vsa9xhTYi93F2vQ2jjwTFPRF/aaXraTOjO7oWGvhK45XZg
6Zdz5dqKzyE=
=KFe2
-----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]