VULHUB ™

Microsoft Site Server is designed to run on Microsoft Windows NT Server platforms. It provides a means for users on a corporate intranet to share, publish, and find information. Site Server Commerce Edition incorporates the same features as well as providing an interface for e-commerce sites to interact and conduct business with customers and suppliers. Valid NT user accounts may use the module cphost.dll to upload content for Site Server 3.0. This is accomplished through an HTTP POST operation. If a maliciously constructed multipart POST is sent, arbitrary files may escape the defined upload directory through a ../ directory traversal. Under default configuration, this allows arbitrary files to be placed in the /Sites/Publishing/ directory, where they will be interpreted by Site Server. Exploitation of this vulnerability allows a remote attacker to execute arbitrary ASP code on the server. This may lead to further access to the system, access to the database, and elevation of privileges.

Microsoft Site Server is designed to run on Microsoft Windows NT Server platforms. It provides a means for users on a corporate intranet to share, publish, and find information. Site Server Commerce Edition incorporates the same features as well as providing an interface for e-commerce sites to interact and conduct business with customers and suppliers. Valid NT user accounts may use the module cphost.dll to upload content for Site Server 3.0. This is accomplished through an HTTP POST operation. If a maliciously constructed multipart POST is sent, arbitrary files may escape the defined upload directory through a ../ directory traversal. Under default configuration, this allows arbitrary files to be placed in the /Sites/Publishing/ directory, where they will be interpreted by Site Server. Exploitation of this vulnerability allows a remote attacker to execute arbitrary ASP code on the server. This may lead to further access to the system, access to the database, and elevation of privileges.