How to Buy
This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.
An application running on the remote web server may be vulnerable to a
buffer overflow attack.
The remote host has FrontPage Server Extensions (FPSE) installed.
There is a denial of service / buffer overflow condition in the
program 'shtml.exe' which comes with it. However, no public detail has
been given regarding this issue yet, so it's not possible to remotely
determine if you are vulnerable to this flaw or not.
If you are, an attacker may use it to crash your web server (FPSE
2000) or execute arbitrary code (FPSE 2002). Please see the Microsoft
Security Bulletin MS02-053 to determine if you are vulnerable or not.
See also :
Refer to the Microsoft Security Bulletin.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false
Family: Web Servers
Nessus Plugin ID: 11311 (frontpage_shtml_overflow.nasl)
Bugtraq ID: 5804
CVE ID: CVE-2002-0692
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.