ID CVE-2001-0241
Summary Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2000:-:advanced_server
    cpe:2.3:o:microsoft:windows_2000:-:advanced_server
  • cpe:2.3:o:microsoft:windows_2000:-:datacenter_server
    cpe:2.3:o:microsoft:windows_2000:-:datacenter_server
  • cpe:2.3:o:microsoft:windows_2000:-:professional
    cpe:2.3:o:microsoft:windows_2000:-:professional
  • cpe:2.3:o:microsoft:windows_2000:-:server
    cpe:2.3:o:microsoft:windows_2000:-:server
CVSS
Base: 10.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
  • description MS Windows 2000 sp1/sp2 isapi .printer Extension Overflow Exploit (2). CVE-2001-0241. Remote exploit for windows platform
    id EDB-ID:268
    last seen 2016-01-31
    modified 2001-05-08
    published 2001-05-08
    reporter dark spyrit
    source https://www.exploit-db.com/download/268/
    title Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow Exploit 2
  • description Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability (3). CVE-2001-0241. Remote exploit for windows platform
    id EDB-ID:20817
    last seen 2016-02-02
    modified 2005-02-02
    published 2005-02-02
    reporter styx
    source https://www.exploit-db.com/download/20817/
    title Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow Vulnerability 3
  • description MS Windows 2000 sp1/sp2 isapi .printer Extension Overflow Exploit. CVE-2001-0241. Remote exploit for windows platform
    id EDB-ID:266
    last seen 2016-01-31
    modified 2001-05-07
    published 2001-05-07
    reporter Ryan Permeh
    source https://www.exploit-db.com/download/266/
    title Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow Exploit
  • description Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability (4). CVE-2001-0241. Remote exploit for windows platform
    id EDB-ID:20818
    last seen 2016-02-02
    modified 2001-05-01
    published 2001-05-01
    reporter Cyrus The Great
    source https://www.exploit-db.com/download/20818/
    title Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow Vulnerability 4
  • description Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability (1). CVE-2001-0241. Remote exploit for windows platform
    id EDB-ID:20815
    last seen 2016-02-02
    modified 2001-05-01
    published 2001-05-01
    reporter storm
    source https://www.exploit-db.com/download/20815/
    title Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow Vulnerability 1
  • description Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability (2). CVE-2001-0241. Remote exploit for windows platform
    id EDB-ID:20816
    last seen 2016-02-02
    modified 2001-05-01
    published 2001-05-01
    reporter dark spyrit
    source https://www.exploit-db.com/download/20816/
    title Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow Vulnerability 2
  • description Microsoft IIS 5.0 Printer Host Header Overflow. CVE-2001-0241. Remote exploit for windows platform
    id EDB-ID:16469
    last seen 2016-02-01
    modified 2010-04-30
    published 2010-04-30
    reporter metasploit
    source https://www.exploit-db.com/download/16469/
    title Microsoft IIS 5.0 Printer Host Header Overflow
metasploit via4
description This exploits a buffer overflow in the request processor of the Internet Printing Protocol ISAPI module in IIS. This module works against Windows 2000 service pack 0 and 1. If the service stops responding after a successful compromise, run the exploit a couple more times to completely kill the hung process.
id MSF:EXPLOIT/WINDOWS/IIS/MS01_023_PRINTER
last seen 2018-09-17
modified 2018-09-15
published 2005-12-25
reliability Good
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/iis/ms01_023_printer.rb
title MS01-023 Microsoft IIS 5.0 Printer Host Header Overflow
nessus via4
NASL family Web Servers
NASL id IIS5_PRINTER.NASL
description The remote version of the IIS web server contains a bug which might be used by an attacker to execute arbitrary code on the remote system. To exploit this vulnerability, an attacker would need to send a malicious HTTP/1.1 request to the remote host.
last seen 2019-01-16
modified 2018-11-15
plugin id 10657
published 2001-05-01
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10657
title MS01-023: Microsoft IIS 5.0 Malformed HTTP Printer Request Header Remote Buffer Overflow (953155) (uncredentialed check)
oval via4
accepted 2011-05-16T04:00:15.997-04:00
class vulnerability
contributors
  • name Christine Walzer
    organization The MITRE Corporation
  • name Ingrid Skoog
    organization The MITRE Corporation
  • name Shane Shaffer
    organization G2, Inc.
  • name Sudhir Gandhe
    organization Telos
  • name Shane Shaffer
    organization G2, Inc.
description Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
family windows
id oval:org.mitre.oval:def:1068
status accepted
submitted 2004-05-12T12:00:00.000-04:00
title Windows 2000 Internet Printing ISAPI Extension Buffer Overflow
version 70
packetstorm via4
data source https://packetstormsecurity.com/files/download/82923/ms01_023_printer.rb.txt
id PACKETSTORM:82923
last seen 2016-12-05
published 2009-10-30
reporter H D Moore
source https://packetstormsecurity.com/files/82923/Microsoft-IIS-5.0-Printer-Host-Header-Overflow.html
title Microsoft IIS 5.0 Printer Host Header Overflow
refmap via4
bid 2674
bugtraq 20010501 Windows 2000 IIS 5.0 Remote buffer overflow vulnerability (Remote SYSTEM Level Access)
cert CA-2001-10
ms MS01-023
osvdb 3323
xf iis-isapi-printer-bo(6485)
saint via4
bid 2674
description Microsoft IIS 5.0 printer ISAPI extension buffer overflow
id web_server_iis_iis,web_server_iis_iisx
osvdb 3323
title iis_printer_isapi
type remote
Last major update 17-10-2016 - 22:10
Published 27-06-2001 - 00:00
Last modified 12-10-2018 - 17:30
Back to Top