Bugtraq mailing list archives
IIS WebDav Denial of Service attacks - Update to SPI Dynamics
From: "Mark Litchfield" <mark () ngssoftware com>
Date: Mon, 2 Jun 2003 14:20:15 -0700
In SPI Dynamics own advisory it mentions that IIS will restart itself - whilst this is true, by supplying a specific number of bytes, we can terminate all the threads, but leaving INETINFO still alive. Despite INETINFO not dying, the process will no longer serve any requests. This provides a more effective denial of service attack as the administrator would be required to restart the service manually. Again, if you have not yet patched your servers, the patch can be obtained at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/ bulletin/MS03-018.asp Regards Mark Litchfield NGS Software Ltd http://www.ngssoftware.com/ Tel: +44 208 40 100 70 (London) Tel: +44 1241 431 267 Mobile: +44 790 069 5236 Email: mark () ngssoftware com
Current thread:
- IIS WebDav Denial of Service attacks - Update to SPI Dynamics Mark Litchfield (Jun 02)