[Snort-sigs] Snort signatures for MS02-018 IIS vulnerabilities.

Sean Hittel seanh at ...113...
Thu May 30 07:53:04 EDT 2002


On April 10, 2002, Microsoft released Security Bulletin MS02-018,
detailing several severe vulnerabilities in various versions of IIS,
Microsoft's Web server. The vulnerabilities include buffer overflows,
access violations resulting in a Denial of Service (DoS) condition, and
cross-site scripting issues. Several of these vulnerabilities may allow an
attacker to execute arbitrary code on a vulnerable server.

We have produced Snort signatures for many of these vulnerabilities, and
have made them available in the following document, which discusses these
signatures and the associated vulnerabilities. This document is available


These signatures are also avaible in text format in the following


We recommend that administrators add these rules to their Snort IDS, or
configure their IDS with signatures for these issues.

As always, we look forward to any feedback or suggestions you may have.
Comments and feedback are welcome at aris-feedback at ...609...

Sean Hittel
SecurityFocus Threat Analyst Team

More information about the Snort-sigs mailing list