Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Index_server | Microsoft | 2.0 (including) | 2.0 (including) |
Indexing_service | Microsoft | * | * |
Internet_information_server | Microsoft | * | 6.0 (including) |