Microsoft Internet Information Server 5.0 Patch: Unchecked Buffer in ISAPI Extension

Publisher's Description

From Microsoft:

This update resolves the "Unchecked Buffer in ISAPI Extension Could Enable Compromise of IIS 5.0 Server" security vulnerability in Windows 2000 and is discussed in Microsoft Security Bulletin MS01-023. Download now to prevent a malicious user from taking control of your Web server.

The Internet Printing ISAPI (Internet Services Application Programming Interface) extension for Windows 2000 has an unchecked buffer (a temporary data storage area that has a limited capacity) in the code that processes users' print requests. A specifically malformed request from a malicious user can cause the buffer to overflow. Doing so grants the malicious user Local System privileges, allowing him to take complete control of the Web server. This update eliminates the vulnerability by ensuring that the ISAPI extension checks input correctly.

Note Although the affected component is not part of Internet Information Services (IIS) 5.0, the vulnerability is present only when IIS 5.0 is running.

 
Free Web Performance Analyzer
Test your Website from your desktop and the cloud.
Download Now

More Popular File Server Software downloads

  1. Windows Server 2003

    1,054 downloads

  2. SolarWinds TFTP Server

    423 downloads

  3. Exceed

    259 downloads

  4. PS3 Media Server

    130 downloads

  5. Windows Home Server

    111 downloads

 
Hitachi IT Operations Director
Integrated IT Lifecycle Management with Hitachi IT Operations Director
Download Now
All User Reviews

Add Your Review

or Log in or create an account to post a review.
You are logged in as . Please submit your review for Microsoft Internet Information Server 5.0 Patch: Unchecked Buffer in ISAPI Extension Update
Add Your Review

The posting of advertisements, profanity, or personal attacks is prohibited.
Click here to review our site terms of use.

Submit your reply

Submit

The posting of advertisements, profanity, or personal attacks is prohibited.
Click here to review our site terms of use.

cancel

E-mail this review

Submit cancel

Report offensive content

If you believe this comment is offensive or violates the CNET's Site Terms of Use, you can report it below (this will not automatically remove the comment). Once reported, our staff will be notified and the comment will be reviewed.

Select type of offense:

Offensive: Sexually explicit or offensive language
Spam: Advertisements or commercial links
Disruptive posting: Flaming or offending other users
Illegal activities: Promote cracked software, or other illegal content
Submit cancel

See more CNET content tagged:

Microsoft IIS 5.0,
Microsoft IIS Server,
Microsoft Windows 2000,
Web server,
malicious user

Error

close

ERROR MESSAGE

If you think this is an error, please contact CNET TechTracker Support for further assistance.

Ok

Running Request

close

loading

Smart Install Software

close

CNET TechTracker will now automatically install software without requiring further action by you. (Note: This feature automatically accepts associated EULAs and third party applications on your behalf.)

You have selected the following software to Smart Install:

CNET TechTracker will attempt to install this software without interrupting you again. If an application requires manual installation, CNET TechTracker will download the installer and prompt you to take further action.

Proceed with Smart Install?

Confirm Standard Install Cancel

Submit a problem report for Microsoft Internet Information Server 5.0 Patch: Unchecked Buffer in ISAPI Extension

close

Please describe the problem you have with this software. This information will be sent to our editors for review.

Problem:

The CNET Installer isn't working as expected

The download link does not work

The software has a newer version

The software contains malware

Other

Description:

Please select a feedback type.

Please enter a description.

Submit Problem Report

Problem Report submitted

close

Thank you for submitting a problem report! The Download team is committed to providing you with accurate software information.

OK