Security flaws affecting Microsoft’s Content Management Server (MCMS) 2001 product have prompted the Redmond Wash.-based software maker to issue a “critical” security bulletin on Wednesday and urged system administrators to immediately apply a just-released patch.
MCMS 2001 is a .NET Enterprise Server product for building and maintaining Web sites.
The most serious vulnerability lies in a user authentication function of the application, Microsoft noted, adding that an attacker could get complete control over the system running the software by entering malformed data into a Web page that uses this authentication function.
A second vulnerability in MCMS 2001 lies in a Web authoring feature; an attacker can upload a program to the Web server and execute it.
By exploiting the two flaws in tandem, an attacker could upload an .ASP or other file to the server, in a location from which it could be executed, Microsoft said.
While the product’s security features won’t allow full control over the server, Microsoft said it is a possible “starting point” to try to gain additional privileges.
Installing URLScan, a software tool recommended by Microsoft, will probably protect servers running MCMS from being taken over by an attacker, but the system can still be caused to fail, Microsoft said.
Microsoft urges MCMS 2001 users to “immediately” apply the patch. Earlier versions of the product may be affected, but are no longer supported, Microsoft said.
More information can be found in Microsoft’s security bulletin MS02-041 ( http://www.microsoft.com/technet/security/bulletin/MS02-041.asp).
– with files from IDG News Service