Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:IIS:CGI-BIN-CMD-EXE

Severity

 Minor

Recommended

 No

Category

 HTTP

Keywords

 IIS cgi-bin/cmd.exe Probe

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: IIS cgi-bin/cmd.exe Probe


This signature detects attempts to remotely execute cmd.exe.

Extended Description

An unchecked buffer exists in the code that handles environment strings within the command interpreter of Windows NT 4.0 and 2000, cmd.exe. If an unusually large environment variable is specified, cmd.exe will fail and the memory used will not be freed. By exploiting this repeatedly, an attacker could use up all free memory and cause a denial of service. This weakness could be exploited remotely via email, or in a situation where a batch file was used as a CGI script, and put user input into an environment variable.

Affected Products

  • Microsoft terminal_server_(wts)
  • Microsoft windows_2000_advanced_server
  • Microsoft windows_2000_professional
  • Microsoft windows_2000_server
  • Microsoft windows_nt 4.0
  • Microsoft windows_nt 4.0 alpha
  • Microsoft windows_nt_enterprise_server 4.0
  • Microsoft windows_nt_enterprise_server 4.0 SP1
  • Microsoft windows_nt_enterprise_server 4.0 SP2
  • Microsoft windows_nt_enterprise_server 4.0 SP3
  • Microsoft windows_nt_enterprise_server 4.0 SP4
  • Microsoft windows_nt_enterprise_server 4.0 SP5
  • Microsoft windows_nt_enterprise_server 4.0 SP6
  • Microsoft windows_nt_enterprise_server 4.0 SP6a
  • Microsoft windows_nt_server 4.0
  • Microsoft windows_nt_server 4.0 SP1
  • Microsoft windows_nt_server 4.0 SP2
  • Microsoft windows_nt_server 4.0 SP3
  • Microsoft windows_nt_server 4.0 SP4
  • Microsoft windows_nt_server 4.0 SP5
  • Microsoft windows_nt_server 4.0 SP6
  • Microsoft windows_nt_server 4.0 SP6a
  • Microsoft windows_nt_terminal_server 4.0
  • Microsoft windows_nt_terminal_server 4.0 alpha
  • Microsoft windows_nt_terminal_server 4.0 SP1
  • Microsoft windows_nt_terminal_server 4.0 SP2
  • Microsoft windows_nt_terminal_server 4.0 SP3
  • Microsoft windows_nt_terminal_server 4.0 SP4
  • Microsoft windows_nt_terminal_server 4.0 SP5
  • Microsoft windows_nt_terminal_server 4.0 SP6
  • Microsoft windows_nt_workstation 4.0
  • Microsoft windows_nt_workstation 4.0 SP1
  • Microsoft windows_nt_workstation 4.0 SP2
  • Microsoft windows_nt_workstation 4.0 SP3
  • Microsoft windows_nt_workstation 4.0 SP4
  • Microsoft windows_nt_workstation 4.0 SP5
  • Microsoft windows_nt_workstation 4.0 SP6
  • Microsoft windows_nt_workstation 4.0 SP6a

References

  • BugTraq: 1135
  • CVE: CVE-2000-0331

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out