Buffer Overflow in Index Server 2.0 and Indexing Service 2000 by Microsoft
CVE-2001-0500

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Information Server; Indexing Service; Index Server
Vendor: CVE Published:; 21 July 2001

Summary

The buffer overflow vulnerability in the ISAPI extension (idq.dll) of Index Server 2.0 and Indexing Service 2000 allows remote attackers to leverage overly long arguments sent to Internet Data Administration (.ida) and Internet Data Query (.idq) files, enabling them to execute arbitrary commands. This flaw is particularly notable in IIS 6.0 beta and earlier versions, making it susceptible to exploitation techniques similar to those used by the infamous Code Red worm.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securityfocus.com/archive/1/191873

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/2880

vdb-entryx_refsource_BID

EPSS Score

90% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 21, 2001
Vulnerability Reserved
Jun 8, 2001