Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Microsoft plugs holes in Content Management Server

From: InfoSec News <isn () c4i org>
Date: Fri, 9 Aug 2002 01:24:27 -0500 (CDT)
http://www.nwfusion.com/news/2002/0808mscms.html

By Joris Evers
IDG News Service, 08/08/02 

Microsoft has released a patch for three vulnerabilities, one
"critical," in its Content Management Server 2001 software for
building and maintaining Web sites.

The most serious vulnerability lies in a user authentication function
of the application. An attacker could get complete control over the
system running the software by entering malformed data into a Web page
that uses this authentication function. Such a Web page is part of the
default Content Management Server 2001 installation, Microsoft said in
an advisory Wednesday.

Installing URLscan, a software tool recommended by Microsoft, will
probably protect servers running Content Management Server 2001 from
being taken over by an attacker, but the system can still be caused to
fail, Microsoft noted.

A second vulnerability in Content Management Server 2001 lies in a Web
authoring feature. An attacker can upload a program to the Web server
and execute it. This will not give the attacker full control over the
server because of security features in Microsoft's Web server
software, but it could be a starting point to try to gain additional
privileges, Microsoft said.

Content Management Server 2001 is typically installed on servers
running Microsoft's Internet Information Server 5.0 for Web server
support and SQL Server 7.0 or 2000 as the database, Microsoft said.

The third vulnerability patched by Microsoft exists in the database
features of Content Management Server 2001. An attacker could take any
action on the database and run some operating system commands as well,
but with limited privileges, Microsoft said.

Microsoft urges Content Management Server 2001 users to "immediately"  
apply the patch. Earlier versions of the content management software
may be affected, but are no longer supported, the Redmond, Wash.,
software maker said. More information can be found in Microsoft's
security bulletin MS02-041.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: