IIS Media Services exploit v1.28 Vulnerability exploited: CAN-2003-0227 - BID-7727 Category: Exploits/Remote This module exploits a buffer overflow in NSIISLOG.DLL and installs a level0 agent into the target host. The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request. Supported Systems: Windows 2000 Server - sp0 (i386) Windows 2000 Server - sp1 (i386) Windows 2000 Server - sp2 (i386) Windows 2000 Server - sp3 (i386) Windows 2000 Advanced Server - sp0 (i386) Windows 2000 Advanced Server - sp1 (i386) Windows 2000 Advanced Server - sp2 (i386) Windows 2000 Advanced Server - sp3 (i386) Windows NT4 Server - sp6 (i386) Windows NT4 Server - sp6a (i386) Windows NT4 Enterprise Server - sp6 (i386) Windows NT4 Enterprise Server - sp6a (i386) This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.