CVE-2001-0500 Information

Description

Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida as commonly exploited by Code Red.

Reference

http://www.cert.org/advisories/CA-2001-13.html http://www.ciac.org/ciac/bulletins/l-098.shtml http://www.iss.net/security_center/static/6705.php http://www.securityfocus.com/archive/1/191873 http://www.securityfocus.com/bid/2880 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-033 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A197