Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

HTTP:FRONTPAGE:DOS-NAME-DOS

Severity

Minor

Recommended

No

Recommended Action

Drop

Category

HTTP

Keywords

Microsoft Frontpage MS-DOS Device Name DoS

Release Date

2004/12/08

Update Number

1213

Supported Platforms

di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Microsoft Frontpage MS-DOS Device Name DoS


This signature detects attempts to exploit a known vulnerability in Microsoft Frontpage. Attackers can send a malformed request with an MS-DOS device name to shtml.exe to crash the server.

Extended Description

It is possible to remotely crash a system running Microsoft FrontPage Server Extensions by conducting a URL request for a MS-DOS device through shtml.exe. For example, the following URL requests will crash FrontPage Server Extensions: http://target/_vti_bin/shtml.exe/comX.htm (X being one of 1, 2 ,3, or 4; the device must exist on the target machine) http://target/_vti_bin/shtml.exe/prn.htm http://target/_vti_bin/shtml.exe/aux.htm The device name must have an appended extension in order for the exploit to work. In addition to the HTM extension, ASP will work as well. Restarting IIS or rebooting the system is required in order to regain normal functionality. Testing has shown that it may require a constant stream of these requests in order to render the server ineffective.

Affected Products

  • Microsoft frontpage_2000_server_extensions SR 1.1

References

  • BugTraq: 1608
  • CVE: CVE-2000-0710
  • CVE: CVE-2000-0709
  • URL: http://www.securityfocus.com/bid/1043
  • URL: http://www.juniper.net/security/auto/vulnerabilities/vuln2008.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out