Hi, On Thursday 19 July 2001 20:55, Rainer Link wrote:
IIRC those *.ida stuff is related to MS IIS and it reminds me of http://www.eeye.com/html/Research/Advisories/AD20010618.html.
Please see http://www.newsbytes.com/news/01/168003.html, too.
best regards, Rainer Link
Another good resource for common vulnerabilities and attack patterns is, as the name suggests, the Common Vulnerabilities and Exposures Database at http://cve.mitre.org. Just do a "search CVE" and enter "ida" as keyword, this turns up two items, the second one (CAN-2001-0500) says: "** CANDIDATE (under review) ** Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files." Which would apply in this case. Regards, Martin -- Martin Leweling Institut fuer Planetologie, WWU Muenster Wilhelm-Klemm-Str. 10, 48149 Muenster, Germany