IIS HTR ChunkedEncoding exploit v1.38 Vulnerability exploited: CVE-2002-0364 - BID-4855 Category: Exploits/Remote This module exploits a buffer overflow and installs a level0 agent into the target host. This module exploits a vulnerability in the .HTR ISAPI filter. After successful exploitation a level0 agent will be installed. The process being exploited is usually running with lowered privileges. To obtain SYSTEM privileges another exploit is needed to run, for example the 'IIS ASP Server-Side Local Exploit' Supported Systems: Windows 2000 Server - sp2 (i386) Windows 2000 Advanced Server - sp2 (i386) Microsoft IIS 5.0 Windows 2000 Server SP2. Microsoft IIS 5.0 Windows 2000 Advanced Server SP2. This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.