fpcount.exe is a site visit counter included with Internet
Information Server version 4.0 if FrontPage Server Extensions
are also installed. Furthermore, upgrading from IIS 4 to
IIS 5 does not overwrite the vulnerable file with the updated
version, so it is possible for the exploit to be carried out
on IIS 5 servers.
A vulnerability in the package could allow a user to execute
arbitrary code on a running server. The problem lies in a buffer
overflow in the fpcount.exe binary. It is possible to exploit the
buffer overflow in fpcount.exe remotely, thus overwriting stack
variables, including the return address. This design flaw makes it
possible for a user with malicious motives to execute arbitrary code,
and potentially gain access and possibly administrative privileges
to a remote system.
This vulnerability has also been known to restart the IIS services.