exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

ms01-022

ms01-022
Posted Apr 22, 2001

Microsoft Security Advisory MS01-022 - The Microsoft Data Access Component Internet Publishing Provider provides access to WebDAV resources over the Internet. It contains an implementation flaw causing it to handle all requests in the security context of the user. As a result, if a user browsed to a web page or opened an HTML e-mail that contained script, that script could access web-based resources as the user. It is likely that at a minimum, the attacker could browse the user's intranet, and access web-based e-mail as well. Microsoft FAQ on this issue available here.

tags | web
SHA-256 | 44db5213ed41bbd17999a666108a7c3f4de1bd1b055a49df7f1da3d7e837ddc5

ms01-022

Change Mirror Download
The following is a Security  Bulletin from the Microsoft Product Security
Notification Service.

Please do not reply to this message, as it was sent from an unattended
mailbox.
********************************

-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------
Title: WebDAV Service Provider Can Allow Scripts to Levy
Requests as User
Date: 18 April 2001
Software: Microsoft Data Access Component Internet Publishing
Provider
Impact: Web-based script could levy WebDAV requests on the user's
behalf.
Bulletin: MS01-022

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS01-022.asp.
- ----------------------------------------------------------------------

Issue:
======
The Microsoft Data Access Component Internet Publishing Provider
provides access to WebDAV resources over the Internet. By design, it
should differentiate between requests made by a user and those made
by
a script running in the user's browser. However, because of an
implementation flaw, it handles all requests in the security context
of
the user. As a result, if a user browsed to a web page or opened an
HTML e-mail that contained script, that script could access web-based
resources as the user.

The specific actions an attacker could take via this vulnerability
would depend on the Web-based resources available to the user, and
the
user's privileges on them. However, it is likely that at a minimum,
the
attacker could browse the user's intranet, and potentially access
web-based e-mail as well.

Mitigating Factors:
====================
- The attacker would need to possess significant inside information
in
order to carry out a successful attack, such as server names,
folder
structures, and other user- and network-specific information. This
vulnerability would therefore be most likely used as part of an
insider attack.
- The vulnerability could not be exploited against stand-alone
machines.
- The vulnerability could not be exploited if Active Scripting was
disabled in the Security Zone the script opened in.

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletin
http://www.microsoft.com/technet/security/bulletin/ms01-022.asp
for information on obtaining this patch.

- ---------------------------------------------------------------------

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED
"AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL
WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
SHALL
MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES
WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL,
LOSS
OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR
CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY
NOT
APPLY.

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3

iQEVAwUBOt5M+Y0ZSRQxA/UrAQHf8gf/cAPS3JZrCMF5ukQjd/S3wXs1obvgZhhj
Ve1aPjx7cNBEzOzIo9bWcRig1GQ2XBlntbgyzgV/f53ZcsvhKjiuUubNES0fQ6NX
7JWwoTd+cY8pgazSp84GAmbRNtJQowa7Klpn93Mq7J3K3l3qn/DThMuuWMMDxOWH
lcTvnptyfL1HLI/q+8DaLjiSLaqA1folR9DPZ7s/w3BbYZcNc68MCrFRwdWk775p
fnHXjmpLWv1eiSiUdOS43g0pE9MydJ9kpz+D5e/GrWIJK1lKJm0G8jzNtIeFTNWT
IV5AlNDbmIT8M8R9r3643EymdgcrdJUoqpPN+5I+HLRusccrCyXpCw==
=NrUA
-----END PGP SIGNATURE-----

*******************************************************************
You have received this e-mail bulletin as a result of your registration
to the Microsoft Product Security Notification Service. You may
unsubscribe from this e-mail notification service at any time by sending
an e-mail to MICROSOFT_SECURITY-SIGNOFF-REQUEST@ANNOUNCE.MICROSOFT.COM
The subject line and message body are not used in processing the request,
and can be anything you like.

To verify the digital signature on this bulletin, please download our PGP
key at http://www.microsoft.com/technet/security/notify.asp.

For more information on the Microsoft Security Notification Service
please visit http://www.microsoft.com/technet/security/notify.asp. For
security-related information about Microsoft products, please visit the
Microsoft Security Advisor web site at http://www.microsoft.com/security.
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close