NetProwler 3.5.1 Security Update 24

March 18, 2003
NetProwler 3.5.1 Security Update 24

Description

NetProwler 3.5.1 SU24 includes detection of a Microsoft Windows 2000 WebDAV Buffer Overflow Vulnerability. Successful exploitation of this vulnerability could result in the execution of arbitrary code on the machine. You may obtain NetProwler 3.5.1 SU24 through the product's auto update feature.

Security Update 24 Signature

HTTP_MS_IIS_Translate_Exploit

A buffer overflow vulnerability is present in a Microsoft Windows 2000 component used by WebDAV. WebDAV does not perform sufficient bounds checking on data passed to a particular system component.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0109

http://www.securityfocusonline.com/bid/7116

Last modified on: Wednesday, 19-Mar-03 01:07:50