Microsoft Patch Fixes Critical MCMS Flaws
Three flaws in the .Net server allow an attacker to execute code on a vulnerable server.Microsoft Corp. on Wednesday issued a patch for three critical vulnerabilities in one of its .Net servers, the Microsoft Content Management Server 2001 (MCMS). All three flaws give an attacker the ability to execute code on a vulnerable server. MCMS, one of the .Net Enterprise Server products on which Microsoft is pinning much of its future hopes, is used to build and manage Web sites. Potentially the most serious of the three is a SQL injection vulnerability in a function that responds to requests for images and other files. A successful exploitation of this flaw would allow an attacker to run operating system commands on the server or to add, delete and change content in the MCMS database.
The second vulnerability is a buffer overrun in an authentication service on MCMS. One of the Web pages included with the server passes inputs directly to this function, which gives an attacker a vector for overrunning the buffer. Such an attack could either cause the MCMS server to crash or allow the attacker to run arbitrary code on the server in the Local System context.