ID CVE-2001-0341
Summary Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
References
Vulnerable Configurations
  • Microsoft frontpage_server_extensions 2000
    cpe:2.3:a:microsoft:frontpage_server_extensions:2000
  • Microsoft Windows 2000
    cpe:2.3:o:microsoft:windows_2000
  • Microsoft windows 2000_sp1
    cpe:2.3:o:microsoft:windows_2000:-:sp1
  • Microsoft windows 2000_sp2
    cpe:2.3:o:microsoft:windows_2000:-:sp2
  • cpe:2.3:o:microsoft:windows_nt:4.0:-:enterprise_server
    cpe:2.3:o:microsoft:windows_nt:4.0:-:enterprise_server
  • cpe:2.3:o:microsoft:windows_nt:4.0:-:server
    cpe:2.3:o:microsoft:windows_nt:4.0:-:server
  • cpe:2.3:o:microsoft:windows_nt:4.0:-:terminal_server
    cpe:2.3:o:microsoft:windows_nt:4.0:-:terminal_server
  • cpe:2.3:o:microsoft:windows_nt:4.0:-:workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:-:workstation
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server
  • Microsoft Windows 4.0 sp1 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server
  • Microsoft Windows NT Terminal Server 4.0 SP1
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server
  • Microsoft Windows 4.0 sp1 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server
  • Microsoft Windows 4.0 sp2 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server
  • Microsoft Windows NT Terminal Server 4.0 SP2
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server
  • Microsoft Windows 4.0 sp2 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server
  • Microsoft Windows 4.0 sp3 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server
  • Microsoft Windows NT Terminal Server 4.0 SP3
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server
  • Microsoft Windows 4.0 sp3 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server
  • Microsoft Windows 4.0 sp4 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server
  • Microsoft Windows NT Terminal Server 4.0 SP4
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server
  • Microsoft Windows 4.0 sp4 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server
  • Microsoft Windows 4.0 sp5 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server
  • Microsoft Windows NT Terminal Server 4.0 SP5
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server
  • Microsoft Windows 4.0 sp5 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server
  • Microsoft Windows 4.0 sp6 server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server
  • Microsoft Windows NT Terminal Server 4.0 SP6
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server
  • Microsoft Windows 4.0 sp6 workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation
  • cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server
  • Microsoft Windows 4.0 sp6a server
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server
  • Microsoft Windows 4.0 sp6a workstation
    cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
  • description MS Visual Studio RAD Support Buffer Overflow Vulnerability. CVE-2001-0341. Remote exploit for windows platform
    id EDB-ID:20950
    last seen 2016-02-02
    modified 2001-06-21
    published 2001-06-21
    reporter NSFOCUS Security Team
    source https://www.exploit-db.com/download/20950/
    title Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability
  • description MS Visual Studio RAD Support Buffer Overflow Vulnerability (metasploit). CVE-2001-0341. Remote exploit for windows platform
    id EDB-ID:20951
    last seen 2016-02-02
    modified 2001-06-21
    published 2001-06-21
    reporter NSFOCUS Security Team
    source https://www.exploit-db.com/download/20951/
    title Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability metasploit
nessus via4
NASL family Web Servers
NASL id FRONTPAGE_OVERFLOW.NASL
description Microsoft IIS, running Frontpage extensions, is vulnerable to a remote buffer overflow attack. An attacker, exploiting this bug, may gain access to confidential data, critical business processes, and elevated privileges on the attached network.
last seen 2019-02-21
modified 2018-09-17
plugin id 10699
published 2001-06-26
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10699
title MS01-035: Microsoft IIS FrontPage fp30reg.dll Remote Overflow (uncredentialed check)
refmap via4
bid 2906
bugtraq 20010625 NSFOCUS SA2001-03 : Microsoft FrontPage 2000 Server Extensions Buffer Overflow Vulnerability
ms MS01-035
osvdb 577
xf frontpage-ext-rad-bo(6730)
Last major update 17-10-2016 - 22:10
Published 21-07-2001 - 00:00
Last modified 30-04-2019 - 10:27
Back to Top