Bugtraq mailing list archives
Re: [NTSEC] IIS 4 Advisory - ExAir sample site DoS
From: mikehow () MICROSOFT COM (Michael Howard)
Date: Mon, 25 Jan 1999 10:08:30 -0800
we've always recommended people remove ALL samples from any production server - incl ExAir, WSH, and ADO samples etc. Cheers, MH IIS Security -----Original Message----- From: mnemonix [mailto:mnemonix () globalnet co uk] Sent: Tuesday, January 26, 1999 8:36 AM To: ntbugtraq () listserv ntbugtraq com Cc: ntsecurity () iss net; bugtraq () netspace org Subject: [NTSEC] IIS 4 Advisory - ExAir sample site DoS TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to majordomo () iss net Contact ntsecurity-owner () iss net for help with any problems! --------------------------------------------------------------------------- This advisory is for those that have Internet Information Server 4 installed with the IIS sample site "ExAir". There are three Active Server Pages that, if called directly without the default ExAir page and associated dlls ever having been loaded into the IIS memory space, will hang and eventually time out after 90 secs - the default script timeout period. Whilst in this state, processor usage increases to 100% and the server becomes very sluggish. These pages are: Exair - root/search/advsearch.asp Exair - root/search/query.asp Exair -root/search/search.asp The Exair directory and all subdirectories should be deleted - they are not needed. NTInfoScan will check if your site is vulnerable to this problem. More information about NTInfoScan can be found at http://www.infowar.co.uk/mnemonix/ntinfoscan.htm Cheers, David Litchfield http://www.infowar.co.uk/mnemonix ps - apologies to the owner of the server.com domain.
Current thread:
- Re: [NTSEC] IIS 4 Advisory - ExAir sample site DoS Michael Howard (Jan 25)