CVE-1999-0412
Internet Information Server - Privilege Escalation via ISAPI Extension
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-1999-0412. PoCs published by Fabien Royer.
AI-analyzed exploit summary This is a functional ISAPI extension exploit for CVE-1999-0412, which leverages the GetExtensionVersion() function in IIS to execute arbitrary code as SYSTEM. The provided code demonstrates a reboot attack by enabling the SE_SHUTDOWN_NAME privilege and calling ExitWindowsEx.
Description
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
Exploits (1)
This is a functional ISAPI extension exploit for CVE-1999-0412, which leverages the GetExtensionVersion() function in IIS to execute arbitrary code as SYSTEM. The provided code demonstrates a reboot attack by enabling the SE_SHUTDOWN_NAME privilege and calling ExitWindowsEx.