CVE-2001-0341
published 2001-07-21CVE-2001-0341: Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a…
PriorityP344high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
45.11%
98.6th percentile
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | frontpage_server_extensions | — | — |
| microsoft | windows_nt | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Visual Studio RAD Support - Remote Buffer Overflow
exploitdb·2001-06-21
CVE-2001-0341 Microsoft Visual Studio RAD Support - Remote Buffer Overflow
Microsoft Visual Studio RAD Support - Remote Buffer Overflow
---
// source: https://www.securityfocus.com/bid/2906/info
Due to an unchecked buffer in a subcomponent of FrontPage Server Extensions (Visual InterDev RAD Remote Deployment Support), a specially crafted request via 'fp30reg.dll' could allow a user to execute arbitrary commands in the context of IWAM_machinename on a host running IIS 5.0. A host running IIS 4.0, could allow the execution of arbitrary commands in the SYSTEM context.
/*
* fpse2000ex.c - Proof of concept code for fp30reg.dll overflow bug.
* Copyright (c) 2001 - Nsfocus.com
*
* DISCLAIMS:
* This is a proof of concept code. This code is for test purpose
* only and should not be run against any host without permission from
* the system administrator.
*
* NSFOCUS Se
Exploit-DB
Microsoft Visual Studio RAD Support - Remote Buffer Overflow (MS03-051) (Metasploit)
exploitdb·2001-06-21
CVE-2001-0341 Microsoft Visual Studio RAD Support - Remote Buffer Overflow (MS03-051) (Metasploit)
Microsoft Visual Studio RAD Support - Remote Buffer Overflow (MS03-051) (Metasploit)
---
source: https://www.securityfocus.com/bid/2906/info
Due to an unchecked buffer in a subcomponent of FrontPage Server Extensions (Visual InterDev RAD Remote Deployment Support), a specially crafted request via 'fp30reg.dll' could allow a user to execute arbitrary commands in the context of IWAM_machinename on a host running IIS 5.0. A host running IIS 4.0, could allow the execution of arbitrary commands in the SYSTEM context.
package Msf::Exploit::frontpage_fp30reg_chunked;
use base "Msf::Exploit";
use strict;
my $advanced = { };
my $info =
{
'Name' => 'Frontpage fp30reg.dll Chunked Encoding',
'Version' => '$Revision: 1.19 $',
'Authors' => [ 'H D Moore [Artistic License]', ],
'Arch' => [ 'x86' ],
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=99348216322147&w=2http://www.osvdb.org/577http://www.securityfocus.com/bid/2906https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-035https://exchange.xforce.ibmcloud.com/vulnerabilities/6730http://marc.info/?l=bugtraq&m=99348216322147&w=2http://www.osvdb.org/577http://www.securityfocus.com/bid/2906https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-035https://exchange.xforce.ibmcloud.com/vulnerabilities/6730
2001-07-21
Published