MS01-035: Microsoft IIS FrontPage fp30reg.dll Remote Overflow (uncredentialed check)

High Nessus Plugin ID 10699


The remote web server is prone to a buffer overflow attack.


Microsoft IIS, running Frontpage extensions, is vulnerable to a remote buffer overflow attack. An attacker, exploiting this bug, may gain access to confidential data, critical business processes, and elevated privileges on the attached network.


Install either SP4 for Windows 2000 or apply the fix described in Microsoft Bulletin MS01-035.

See Also

Plugin Details

Severity: High

ID: 10699

File Name: frontpage_overflow.nasl

Version: $Revision: 1.47 $

Type: remote

Family: Web Servers

Published: 2001/06/26

Modified: 2017/08/30

Dependencies: 10107, 11919, 17975

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows, cpe:/a:microsoft:internet_information_server

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2001/06/25

Reference Information

CVE: CVE-2001-0341

BID: 2906

MSKB: 300477

OSVDB: 577

MSFT: MS01-035