Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
Re: [suse-security] Strange HTTP requests
Hi,

On Thursday 19 July 2001 20:55, Rainer Link wrote:
>
> IIRC those *.ida stuff is related to MS IIS and it reminds me of
> http://www.eeye.com/html/Research/Advisories/AD20010618.html.
>
> Please see http://www.newsbytes.com/news/01/168003.html, too.
>
> best regards,
> Rainer Link

Another good resource for common vulnerabilities and attack patterns is,
as the name suggests, the Common Vulnerabilities and Exposures
Database at http://cve.mitre.org.

Just do a "search CVE" and enter "ida" as keyword, this turns up
two items, the second one (CAN-2001-0500) says:

"** CANDIDATE (under review) ** Buffer overflow in ISAPI extension (idq.dll)
in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier
allows remote attackers to execute arbitrary commands via a long argument to
Internet Data Administration (.ida) and Internet Data Query (.idq) files."

Which would apply in this case.

Regards,
Martin
--
Martin Leweling
Institut fuer Planetologie, WWU Muenster
Wilhelm-Klemm-Str. 10, 48149 Muenster, Germany

< Previous Next >
References