Detections
Analytics

Microsoft Content Management Server (MCMS) 2001 Multiple Remote Vulnerabilities

high Nessus Plugin ID 11313

Synopsis

Arbitrary code can be run on the remote hosts.

Description

The remote host is running Microsoft Content Management Server.

There is a buffer overflow in the Profile Service that could allow an attacker to execute arbitrary code on this host.

Solution

Microsoft has released a patch for Content Management Server 2001.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2002/ms02-041

Plugin Details

Severity: High

ID: 11313

File Name: mcms_overflow.nasl

Version: 1.40

Type: remote

Family: Web Servers

Published: 3/3/2003

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport, www/ASP

Excluded KB Items: global_settings/supplied_logins_only

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 8/7/2002

Reference Information

CVE: CVE-2002-0700, CVE-2002-0718, CVE-2002-0719

BID: 5421, 5422, 5420

MSFT: MS02-041

MSKB: 326075