MS02-053: Microsoft FrontPage Extensions shtml.exe Remote Overflow (uncredentialed check)

high Nessus Plugin ID 11311

Synopsis

An application running on the remote web server may be vulnerable to a buffer overflow attack.

Description

The remote host has FrontPage Server Extensions (FPSE) installed.

There is a denial of service / buffer overflow condition in the program 'shtml.exe' which comes with it. However, no public detail has been given regarding this issue yet, so it's not possible to remotely determine if you are vulnerable to this flaw or not.

If you are, an attacker may use it to crash your web server (FPSE 2000) or execute arbitrary code (FPSE 2002). Please see the Microsoft Security Bulletin MS02-053 to determine if you are vulnerable or not.

Solution

Refer to the Microsoft Security Bulletin.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2002/ms02-053

Plugin Details

Severity: High

ID: 11311

File Name: frontpage_shtml_overflow.nasl

Version: 1.36

Type: remote

Family: Web Servers

Published: 3/3/2003

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:microsoft:windows, cpe:/a:microsoft:internet_information_server

Required KB Items: Settings/ParanoidReport

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 9/25/2002

Reference Information

CVE: CVE-2002-0692

BID: 5804

MSFT: MS02-053

MSKB: 324096