Security Incidents mailing list archives

Re: MSIIS servers patched/de-doored, but C and D keep coming back

From: Gary Flynn <flynngn () jmu edu>
Date: Tue, 14 Aug 2001 14:42:17 -0400

K P wrote:


Recently Microsoft announced that there was another vulnerability discovered
in IIS systems configured with URL redirection that would allow Code Red II
to compromise those systems.


It will cause a denial of service. Not a compromise.

Affected systems are NT4/IIS4 with URL redirection enabled.

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/info-security/engineering/runsafe.shtml

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

MSIIS servers patched/de-doored, but C and D keep coming back Garreth Jeremiah/Markham/IBM (Aug 13)
- Re: MSIIS servers patched/de-doored, but C and D keep coming back Russell Fulton (Aug 13)
- RE: MSIIS servers patched/de-doored, but C and D keep coming back Mike Horne (Aug 14)
- <Possible follow-ups>
- RE: MSIIS servers patched/de-doored, but C and D keep coming back Garreth Jeremiah/Markham/IBM (Aug 14)
- Re: MSIIS servers patched/de-doored, but C and D keep coming back K P (Aug 14)
  - Re: MSIIS servers patched/de-doored, but C and D keep coming back Gary Flynn (Aug 14)
- RE: MSIIS servers patched/de-doored, but C and D keep coming back Krull, Chris (Aug 14)
- RE: MSIIS servers patched/de-doored, but C and D keep coming back Davis, Matt (Aug 14)