Microsoft's Web Server has been the frequent target over the years.
It has been attacked by various vulnerabilities.
Examples include:
- ::$DATA vulnerability
- showcode.asp vulnerability
- Piggy backing vulnerability
- Privilege command execution
- Buffer Overflow exploits (IIShack.exe)
- IIS relies heavily on a collection of DLLs that work together with the main server process, inetinfo.exe, to provide various capabilities.
- Example: Server side scripting, Content Indexing, Web Based printing etc.
- This architecture provides attackers with different functionality to exploit via malicious input.
- One of the most extreme security vulnerabilities associated with ISAPI DLLs is the buffer overflow.
- In 2001, IIS servers were ravaged by versions of the Code Red and Nimda worms which were both based on buffer overflow exploits.
A good article describing overflow exploits in a basic language
ReplyDeletehttp://www.loranbase.com/idx/142/1921/article/Writing-Buffer-Overflow-Exploits-for-Beginners.html
Even use of pirated softwares too plays a major role in these kind of attacks
ReplyDelete