|
|
|
Vulnerability Note VU#829845
Microsoft Windows 2000 Indexing Services enumerates local file locations via ixsso.query ActiveX object
OverviewIndex Server 2.0 and the Indexing Service 3.0 contain a vulnerability that may allow remote intruders to gain information about files on the local computer.
I. DescriptionIndex Server 2.0 and Indexing Service 3.0 are services that allow information about local files to be queried via a web interface. Normally, this capability would only be available through the server, but the software includes an ActiveX control that is incorrectly marked safe-for-scripting. As a result, an remote attacker could gain information about files on a user's comuter when they view a malicious web page. The indexing service does not need to be running for the attacker to use the ActiveX control.II. ImpactWhen a user views a malicious web page that invokes the vulnerable control, the web page author may be able to gain information about files on the victim's computer. This information includes the names and properties of existing files. If the indexing server is also running, the attacker may be able to gain information about which files contain attacker selected keywords.III. SolutionApply a Patch
Microsoft has published patches correcting this vulnerability. The patches are listed in their advisory at:
Systems Affected
References
http://www.microsoft.com/technet/security/bulletin/ms00-098.asp
http://www.securityfocus.com/bid/1933
http://www.guninski.com/indexserv1-desc.html
Credit
Georgi Guninski discovered this vulnerability.
This document was written by Cory F. Cohen.
Other Information
| Date Public | 11/10/2000 |
| Date First Published | 09/27/2002 01:46:20 PM |
| Date Last Updated | 09/27/2002 |
| CERT Advisory | |
| CVE Name | CAN-2000-1105 |
| Metric | 8.10 |
| Document Revision | 10 |
If you have feedback, comments, or additional information about this vulnerability, please send us
email.
|
 |
