Microsoft FrontPage Server Extensions (fp30reg.dll) Debug Function Remote Overflow (MS03-051 / 813360)

This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

It is possible to execute code on the remote host through FrontPage.

Description :

The remote Microsoft FrontPage server seems vulnerable to a remote
buffer overflow. Exploitation of this bug could give an unauthorized
user access to the machine.

The following systems are known to be vulnerable:

Microsoft Windows 2000 Service Pack 2, Service Pack 3
Microsoft Windows XP, Microsoft Windows XP Service Pack 1
Microsoft Office XP, Microsoft Office XP Service Release 1.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms03-051

Solution :

Apply patch MS03-051.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 11923 (frontpage_chunked_overflow.nasl)

Bugtraq ID: 9007
9008

CVE ID: CVE-2003-0822
CVE-2003-0824