IIS FrontPage Extensions exploit v1.13 Vulnerability exploited: CAN-2003-0822 - BID-9007 Category: Exploits/Remote This module exploits a buffer overflow in FP30REG.DLL and installs a level0 agent into the target host. The vulnerability exists because of a buffer overrun in the remote debug functionality of FrontPage Server Extensions. This functionality enables users to remotely connect to a server running FrontPage Server Extensions and remotely debug content. An attacker who successfully exploited this vulnerability could be able to run code with IWAM_machinename account privileges on an affected system. Supported Systems: Windows 2000 Server - sp1 (i386) Windows 2000 Server - sp2 (i386) Windows 2000 Server - sp3 (i386) Windows 2000 Advanced Server - sp1 (i386) Windows 2000 Advanced Server - sp2 (i386) Windows 2000 Advanced Server - sp3 (i386) This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.