Bugtraq mailing list archives
Re: Xato Advisory: FrontPage DOS Device DoS
From: Daniel Docekal <ddoc () MIA CZ>
Date: Wed, 23 Aug 2000 18:58:46 +0200
Small correction. Windows 2000 (IIS 5.0) and FrontPage 2000 extensions - while GET with DOS device in name is ACTIVE, server shows 100% cpu utilization, but still works and serves other requests. After HTTP GET time out, everything is back to normal and everything _works_ (so no need to restart anything). Still it makes computer go to 100% CPU utilization, so IT IS threat. This is true for any combination shown by sozni in his report. Daniel
-----Original Message----- From: sozni [mailto:sozni () XATO NET] Sent: Wednesday, August 23, 2000 5:18 PM To: BUGTRAQ () SECURITYFOCUS COM Subject: Xato Advisory: FrontPage DOS Device DoS -------------------------------------------------------------- --------- Xato Network Security, Inc. www.xato.net Security Advisory XATO-082000-01 August 17, 2000 FRONTPAGE SERVER EXTENSIONS SHTML.EXE DENIAL OF SERVICE --DOS Device DoS-- -------------------------------------------------------------- --------- Systems Affected ================ FrontPage Server Extensions 1.1 for Windows 9.x, windows NT4, and Windows 2000
Current thread:
- Xato Advisory: FrontPage DOS Device DoS sozni (Aug 23)
- <Possible follow-ups>
- Re: Xato Advisory: FrontPage DOS Device DoS Daniel Docekal (Aug 25)
- Re: Xato Advisory: FrontPage DOS Device DoS Microsoft Security Response Center (Aug 25)