what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

VIGILANTE-2000009.txt

VIGILANTE-2000009.txt
Posted Sep 13, 2000
Authored by Vigilante | Site vigilante.com

Vigilante Advisory #9 - Internet Information Server (IIS) 4.0 for Windows NT 4.0 is vulnerable to a denial of service attack as described in ms00-063 in which a certain series of requests can cause INETINFO.EXE to gradually consume all system ressources (99-100% CPU and all memory). When the pagefile can't expand any further, INETINFO.EXE is killed by the operating system.

tags | exploit, denial of service
systems | windows
SHA-256 | f88b454e98f58dc0cab36e2079df258a10823f10487e75deb9870d645da092ca

VIGILANTE-2000009.txt

Change Mirror Download
"Invalid URL" DoS

Advisory Code: VIGILANTE-2000009

Release Date:
September 6, 2000

Systems Affected:
- Internet Information Server 4.0 for Windows NT 4.0
- Possibly Windows NT 4.0 in general (read Microsoft's note)


THE PROBLEM
A certain series of requests can cause INETINFO.EXE to gradually
consume all system ressources (99-100% CPU and all memory). When
the pagefile can't expand any further, INETINFO.EXE is killed by
the operating system, with possibly a dialogue box on your screen
stating that the system is running low on virtual memory. During
testing it was found that usually you wouldn't even see this box.
It requires a restart of the www service for IIS to start working
again.
Initially we believed this to be a problem with IIS, but Microsoft
has pointed out that this is a problem within Windows NT 4.0 (which
might explain why we couldn't reproduce it on Internet Information
Server 5.0). For this reason, you should probably consider applying
the patch on any production environments, running on Windows NT 4.0.

Vendor Status:
Initially reported on the 16th of May this year. Microsoft has
released the following bulletin concerning the issue, including a
patch:
http://www.microsoft.com/technet/security/bulletin/MS00-063.asp

Fix:
Windows NT 4.0 Workstation, Server and Server, Enterprise Edition:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24079

Windows NT 4.0 Server, Terminal Server Edition: To be released shortly

Vendor URL: http://www.microsoft.com
Internet Information Server 4.0 URL:
http://www.microsoft.com/ntserver/web/default.asp


Copyright VIGILANTe 2000-03-16

Disclaimer:
The information within this document may change without notice. Use of
this information constitutes acceptance for use in an AS IS
condition. There are NO warranties with regard to this information.
In no event shall the author be liable for any consequences whatsoever
arising out of or in connection with the use or spread of this
information. Any use of this information lays within the user's
responsibility.

Feedback:
Please send suggestions, updates, and comments to:

VIGILANTe
mailto: swat@vigilante.com
http://www.vigilante.com



Login or Register to add favorites

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close