CVE-2000-1089

This is a Metasploit module exploiting a stack-based buffer overflow in Microsoft IIS Phone Book Service (CVE-2000-1089) via an overly long URL argument. It targets Windows 2000 SP0/SP1 and NT SP6, delivering a payload to achieve remote code execution.

This is a Metasploit module exploiting a stack-based buffer overflow in Microsoft IIS Phone Book Service (pbserver.dll) via an overly long URL argument. It targets Windows 2000 SP1/SP0 and NT SP6, using a JMP ESP or CALL ESP instruction to redirect execution to the payload.

This is a detailed writeup describing a buffer overflow vulnerability in the Phone Book Service (PBSERVER.DLL) in IIS 4 and IIS 5. The vulnerability allows remote code execution by sending a crafted HTTP request with an overly long parameter, bypassing a length check.