ODBC RDS vulnerability

CVE-1999-1011

Impact

This vulnerability may allow a remote attacker to take complete control of a web server.

Background

Microsoft IIS by default installs Microsoft Data Access Components (MDAC), which includes Remote Data Service (RDS). The purpose of the RDS component is to allow access to remote Open Database Connectivity (ODBC) components through IIS.

The Problem

RDS allows ODBC databases to be queried remotely through a file called msadcs.dll. Arbitrary shell commands can be embedded in these queries. The commands are executed with local SYSTEM privileges, giving an attacker complete control of the system.

Resolution

If you do not need RDS support on your system, the quickest solution is to simply delete the following file:

\Program Files\Common Files\System\Msadc\msadcs.dll

If you need RDS support, or if you prefer a cleaner solution, there are other options. See the Rain Forest Puppy advisory RFP9907.
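One way to check whether msadcs.dll is still being requested, and whether the server still answers, is to scan the IIS logs. The script below is an added example, not part of the original advisory. It assumes W3C extended log format; the sample log lines, URL paths, addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed W3C extended log sample (addresses are documentation ranges).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services
#Fields: date time c-ip cs-method cs-uri-stem sc-status
1999-11-02 10:00:01 192.0.2.10 GET /default.htm 200
1999-11-02 10:00:05 198.51.100.7 GET /msadc/msadcs.dll 200
1999-11-02 10:00:09 198.51.100.7 POST /MSADC/MSADCS.DLL/extra 200
1999-11-02 10:01:00 203.0.113.4 GET /msadc/%6dsadcs.dll 404
#Fields: date time cs-uri-stem c-ip sc-status
1999-11-02 10:02:00 /docs/msadcs.dll.txt 192.0.2.10 200
1999-11-02 10:02:30 /msadc/msadcs.dll 198.51.100.7 404
"""

# msadcs.dll as a whole path segment, optionally followed by extra path info.
RDS_SEGMENT = re.compile(r"(?:^|/)msadcs\.dll(?:/|$)", re.IGNORECASE)

def find_rds_requests(log_text):
    """Return one dict per logged request whose URI stem targets msadcs.dll."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column layout can change mid-file
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        stem = unquote(row.get("cs-uri-stem", "")).replace("\\", "/")
        if RDS_SEGMENT.search(stem):
            status = row.get("sc-status", "")
            hits.append({
                "client": row.get("c-ip", "?"),
                "stem": stem,
                "status": status,
                # 2xx means the DLL is still present and answering.
                "served": status.startswith("2"),
            })
    return hits

def clients_still_served(hits):
    """Clients that received a success response from msadcs.dll."""
    return sorted({h["client"] for h in hits if h["served"]})

if __name__ == "__main__":
    for hit in find_rds_requests(SAMPLE_LOG):
        print(hit)
    print("served:", clients_still_served(find_rds_requests(SAMPLE_LOG)))
```

After the file has been deleted, matching requests should appear only with error statuses such as 404; any entry marked as served means the DLL is still reachable on that server.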

Where can I read more about this?

For more details and alternate solutions, please refer to the Rain Forest Puppy advisory RFP9907 and Microsoft Security Bulletin 99-025.