Microsoft's Web Server has been the frequent target over the years.
It has been attacked by various vulnerabilities.
- ::$DATA vulnerability
- showcode.asp vulnerability
- Piggy backing vulnerability
- Privilege command execution
- Buffer Overflow exploits (IIShack.exe)
- IIS relies heavily on a collection of DLLs that work together with the main server process, inetinfo.exe, to provide various capabilities.
- Example: Server side scripting, Content Indexing, Web Based printing etc.
- This architecture provides attackers with different functionality to exploit via malicious input.
- One of the most extreme security vulnerabilities associated with ISAPI DLLs is the buffer overflow.
- In 2001, IIS servers were ravaged by versions of the Code Red and Nimda worms which were both based on buffer overflow exploits.