Microsoft IIS running RealSecure Server Sensor ISAPI plug-in denial of service

iis-realsecure-isapi-dos (13088) The risk level is classified as MediumMedium Risk

Description:

Microsoft Internet Information Server (IIS) running RealSecure Server Sensor is vulnerable to a denial of service, caused by a vulnerability in the ISAPI (Internet Services Application Programming Interface) plug-in. Server Sensor allows for the use of an ISAPI plug-in to connect to an IIS server, which allows for the Intrusion Detection System (IDS) to run on Secure Sockets Layer (SSL) protocol. A remote attacker can send a specially-crafted URL request using SSL to cause the ISAPI filter to crash, which will crash the IIS server.


Consequences:

Denial of Service

Remedy:

Upgrade to the latest version of RealSecure Server Sensor (XPU 20.19 or later), available from the Internet Security Systems Web site. See References.

References:

Platforms Affected:

  • IBM ISS RealSecure Server Sensor 7.0 XPU 20.16
  • IBM ISS RealSecure Server Sensor 7.0 XPU 20.18

Reported:

Aug 14, 2003

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page