Information Security News mailing list archives

MS Server Attack Tool Unleashed


From: William Knowles <wk () C4I ORG>
Date: Thu, 17 Aug 2000 04:12:58 -0500

http://www.wired.com/news/technology/0,1282,38259,00.html

by Michelle Delio
10:00 a.m. Aug. 16, 2000 PDT

A newly released automated Web-based tool can scan Microsoft's
Internet Information Server (IIS) for multiple reported IIS
vulnerabilities, according to iDEFENSE Intelligence Services.

This Web tool can be used to scan unsuspecting systems to identify
vulnerabilities prior to an attack.

Then, through the successful exploitation of the discovered
vulnerabilities, an attacker could gain access to source code possibly
containing user names and passwords, locations of MS Access MDB files,
or other sensitive information.

Using the automated Web tool, Security Namodro, a Czech Republic
security firm, reported being able to penetrate dozens of systems and
obtain information ranging from email addresses to usernames and
passwords. Access to this tool is now publicly available on its
website hosted in the Czech Republic, purportedly so that Web
administrators can test their own sites.

Due to the now-public release of the tool, coupled with the short
length of time some of the Microsoft patches have been available,
iDEFENSE Intelligence Services is predicting an increase of attacks
against systems operating IIS.

Sammy Migues, iDEFENSE's chief scientist, says that the Czech Web page
serves as an example of how easy it is to automate some attacks on
websites.

"There are several other examples of freely downloadable tools that
scan websites for dozens of software and configuration
vulnerabilities," Migues said. "Having such a tool on a Web page like
this, however, allows people who are too scared to run tools from
their own IP address to 'test' sites from this Web server."

The original posting about the website was made to the NTBugtraq
discussion list, Migues says. The vulnerabilities the automated tool
tests for are not new, but the poster (whose name is being withheld)
said that an "informal test" done by his security team showed that
many IIS websites were vulnerable to these bugs.

Migues feels that in the short term, there may be an upswing in
attacks on IIS servers.

"In reality, however, these particular attacks are simply URLs that
anyone can type in from any Web browser anywhere, and so people are
actively trying to exploit these holes all the time anyway."

Migues hopes the publicity will inspire organizations to patch their
servers. Service Pack 1 for Windows 2000 contains fixes for these
vulnerabilities in IIS 4.0 and 5.0 along with patches for several
unrelated vulnerabilities.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen. Alfred M. Gray, USMC
================================================================
C4I.org - Computer Security & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
