Bugtraq mailing list archives
Re: IIS 5.0 Content Length DOS vulnerability
From: Eric Maiwald <emaiwald () fred net>
Date: Tue, 18 Dec 2001 13:59:01 -0500 (EST)
We have been testing the script posted by Mr. Hernandez on an IIS 5.0 system runnion over Win2k SP1. We can get the connections to exist but after a time, they time out and close. There does not appear to be any deterioration in the system performance. Anyone have any more information on this that may indicate how the DOS actually occurs? Is it a certain number of open connections in a short period of time? Also, does anyone have any information as to whether the content-length parameter gets mangled under normal conditions or is this DOS only likely in a real attack. Eric --------------------------------------------------------------------- Eric Maiwald, CISSP emaiwald () fred net Chief Technology Officer 301-977-6966 Fortrex Technologies, Inc. Gaithersburg, MD ---------------------------------------------------------------------
Current thread:
- Zyxel Prestige 681 and 1600 (possibly other?) remote DoS Przemyslaw Frasunek (Dec 14)
- Re: Zyxel Prestige 681 and 1600 (possibly other?) remote DoS Przemyslaw Frasunek (Dec 18)
- Re: IIS 5.0 Content Length DOS vulnerability Eric Maiwald (Dec 18)
- Re: Zyxel Prestige 681 and 1600 (possibly other?) remote DoS Przemyslaw Frasunek (Dec 18)