Microsoft Peer Web Services vulnerability

Thu, 17 Jun 1999 14:35:37 -0400


This advisory is for those that run "Microsoft Peer Web Services"  in
addition to the
advisory for Microsoft's IIS 4. It also limits Web-based administration to
the loopback address
( by default.  It also has the  ism.dll   in the /scripts/iisadmin
 which allows users / attackers to access the ISAPI application used for
web-based administration from an non-loopback IP address.

NOTE: An attacker can simply do a search on Alta Vista for  "Microsoft Peer
Web Services".
They then get a complete list of  NT Workstations  running this service. All
they need to do,
is append the following to the End of the url:


The  user will then be prompted for a UserID and password and if successful
authentication takes place they are given access to sensitive server
information. It provides an attacker with a means to brute
force / guess the Administrators password and if successful an enormous
amount of reconnaissance work can be achieved through the application's use.

Colette Chamberland