There is an exploitable buffer overflow in the SSINC.DLL file used by Microsoft IIS 5.0. The problem is triggered while including long enough filenames in any ASP file. After successful exploitation an agent will be installed. The process being exploited is usually run as an IUSR or IWAM user, specially created for IIS to answer anonymous requests. If this condition is present, the newly deployed agent will run with an unprivileged user. In most cases, the RevertToSelf Win32 API call can be used, available with the RevertToSelf module (see "RevertToSelf") to replace the current process access token with the saved one, usually SYSTEM, thus, effectively gaining full control of the target host.
CVE Link
Exploit Platform
Exploit Type
Product Name