Bugtraq mailing list archives

Re: [NTSEC] IIS 4 Request Logging Security Advisory


From: omigosh () CARIBSURF COM (Information Services)
Date: Fri, 22 Jan 1999 08:13:29 -0400


Hi David:

I tried the AVOID.EXE from my Win98 PC and pointed it at my
www.spiceisle.com webserver, which is running NT4/IIS3/SP4 with the IIS GET
hotfix.

The following was reported in the IIS log file:

nnn.nnn.nnn.nnn,-,22/01/99,07:57:37,W3SVC,WWW,205.214.207.98,401,10183,101,400,0,-,-,-,

  where nnn.nnn.nnn.nnn is the IP address of my workstation.


AVOID.EXE returned the following information in the DOS window that I ran it
from:

        C:\download>avoid www.spiceisle.com

        HTTP/1.0 400 Bad Request
        Content-Type: text/html

        <body><h1>HTTP/1.0 400 Bad Request
        </h1></body>•c
        HTTP/1.0 400 Bad Request
        Content-Type: text/html

        <body><h1>HTTP/1.0 400 Bad Request
        </h1></body>•c


Looks like the server's safe once SP4 and the IIS GET hotfix are loaded.


HTH,
Brian Steele


