ID CVE-2003-0227
Summary The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request.
References
Vulnerable Configurations
  • Microsoft IIS
    cpe:2.3:a:microsoft:internet_information_server
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description MS Windows Media Services (nsiislog.dll) Remote Exploit. CVE-2003-0227. Remote exploit for windows platform
id EDB-ID:56
last seen 2016-01-31
modified 2003-07-14
published 2003-07-14
reporter N/A
source https://www.exploit-db.com/download/56/
title Microsoft Windows Media Services - nsiislog.dll Remote Exploit
nessus via4
NASL family Web Servers
NASL id NSIISLOG_DLL.NASL
description Some versions of IIS shipped with a default file, nsiislog.dll, within the /scripts directory. Nessus has determined that the remote host has the file installed. The NSIISLOG.dll CGI may allow an attacker to execute arbitrary commands on this host, through a buffer overflow.
last seen 2019-02-21
modified 2018-11-15
plugin id 11664
published 2003-05-28
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=11664
title Microsoft Media Services ISAPI nsiislog.dll Multiple Overflows
oval via4
  • accepted 2004-06-30T12:00:00.000-04:00
    class vulnerability
    contributors
    name Christine Walzer
    organization The MITRE Corporation
    description The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request.
    family windows
    id oval:org.mitre.oval:def:936
    status accepted
    submitted 2004-05-18T12:00:00.000-04:00
    title Windows 2000 Media Services ISAPI Logging Vulnerability
    version 63
  • accepted 2004-06-30T12:00:00.000-04:00
    class vulnerability
    contributors
    name Christine Walzer
    organization The MITRE Corporation
    description The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request.
    family windows
    id oval:org.mitre.oval:def:966
    status accepted
    submitted 2004-05-18T12:00:00.000-04:00
    title Windows NT Media Services ISAPI Logging Vulnerability
    version 63
refmap via4
bugtraq 20030528 RE: Alert: MS03-019, Microsoft... wrong, again.
ms MS03-019
ntbugtraq
  • 20030528 MS03-019: DoS or Code of Choice
  • 20030528 Re: Alert: MS03-019, Microsoft... wrong, again.
Last major update 17-10-2016 - 22:31
Published 09-06-2003 - 00:00
Last modified 12-10-2018 - 17:32
Back to Top