The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of IIS 5.1: shell command execution

Summary of the vulnerability

An attacker allowed to upload ASP files can run shell commands.
Vulnerable software: IIS.
Severity of this announcement: 1/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 21/12/2006.
References for this computer vulnerability: CVE-2006-6578, CVE-2006-6579, VIGILANCE-VUL-6421.

Description of the vulnerability 

The IIS web server uses two user accounts:
 - IUSR_computer: accesses pages
 - IWAM_computer: starts processes

Since version 5.1, an ASP script cannot execute a shell as IUSR_computer. However, two vulnerabilities allow this restriction to be bypassed.

A script can use win.com to start cmd.exe. [severity:1/4; CVE-2006-6578]

A script can create and read files in %WINDIR%\pchealth\ERRORREP\QHEADLES in order to obtain stdout data. [severity:1/4; CVE-2006-6579]
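
Detection logic for the two bypasses described above, as an added example that is not part of the Vigil@nce bulletin: it flags process and file events attributed to the IIS accounts and maps each to the matching CVE. The pipe-delimited event format, the host name WEB01 and every sample line are constructed assumptions; adapt the parsing to your own process-creation and file-audit telemetry.

```python
import re

# Constructed sample events in a hypothetical format (not a real IIS or Windows log):
# kind|account|parent image|image started or file written
SAMPLE_EVENTS = r"""
proc|IUSR_WEB01|C:\WINDOWS\system32\inetinfo.exe|C:\WINDOWS\system32\win.com
proc|IUSR_WEB01|C:\WINDOWS\system32\win.com|C:\WINDOWS\system32\cmd.exe
file|IUSR_WEB01|-|C:\WINDOWS\pchealth\ERRORREP\QHEADLES\out.txt
proc|Administrator|C:\WINDOWS\explorer.exe|C:\WINDOWS\system32\cmd.exe
file|SYSTEM|-|C:\WINDOWS\pchealth\ERRORREP\QHEADLES\report.cab
file|IUSR_WEB01|-|C:\Inetpub\wwwroot\upload\page.asp
""".strip().splitlines()

# The two IIS accounts named in the bulletin: IUSR_<computer> and IWAM_<computer>.
IIS_ACCOUNT = re.compile(r"^(IUSR|IWAM)_", re.IGNORECASE)
# Images involved in the first bypass (win.com used to start cmd.exe).
SHELL_IMAGES = {"win.com", "cmd.exe"}
# Directory used by the second bypass; %WINDIR% varies, so match the suffix only.
QHEADLES = "\\pchealth\\errorrep\\qheadles\\"


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def classify(line):
    """Return the CVE id an event matches, or None if it is not suspicious."""
    kind, account, _parent, target = line.split("|")
    if not IIS_ACCOUNT.match(account):
        return None  # only activity under the IIS accounts is in scope
    if kind == "proc" and basename(target) in SHELL_IMAGES:
        return "CVE-2006-6578"
    if kind == "file" and QHEADLES in target.lower():
        return "CVE-2006-6579"
    return None


def scan(lines):
    """Return (cve, line) pairs for every event that matches a rule."""
    return [(cve, line) for line in lines if (cve := classify(line))]


if __name__ == "__main__":
    for cve, line in scan(SAMPLE_EVENTS):
        print(cve, line)
```
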

This vulnerability announcement affects software or systems such as IIS.

Our Vigil@nce team determined that the severity of this vulnerability alert is low.

The trust level is "confirmed by a trusted third party", with an origin of "user account".

This bulletin is about 2 vulnerabilities.

An attacker with expert ability can exploit this vulnerability.

Solutions for this threat 

Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides computer security announcements. The Vigil@nce computer vulnerability tracking service alerts your teams to vulnerabilities or threats impacting your information system.