Vulnerability Development mailing list archives

MS IIS - HTR still a problem?


From: pete () S3 INTEGRALIS CO UK (Pete Philips)
Date: Thu, 23 Mar 2000 17:24:40 +0000


Ref: CVE ID CAN-1999-0874
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0874

Playing with IIS 4 at a customer's site the other day, a
colleague and I came across the following scenario.

The IIS was patched to SP6a and none of the standard
HTR exploits had any effect. It didn't even seem
to notice - not even a rise in CPU load. We then ran
Nessus which caused it to go to 100% CPU for the duration
of the attack. It was verified that this was in fact the
cause by running this one test alone. Attempting to apply
the MS Hotfix, we were told that the service pack already
had a newer version of the fix.

Is IIS still vulnerable to an HTR DoS attack? Anyone
found similar?

Pete.

 ---------------------------------------------------------------
|   Pete Philips                                           \|/  |
|   Integralis Network Systems                              O   |
|   E-mail:  pete.philips () integralis co uk                      |
|   Phone:   +44 118 930 6060                                   |
|   PGP Key: http://www.integralis.co.uk/security/pgp/pete.pgp  |
 ---------------------------------------------------------------

