Bugtraq mailing list archives

Re: MS IIS 5.0 Access Violation on handling URL String

From: webmaster () DOC2000 DE (Lark Lizerman)
Date: Sat, 15 Jan 2000 19:13:30 -0800


Question:
Did you try this out on WinNT4.0 SP4,SP5,SP6 running IIS 5.0?

Fact about dataloss:
I think even if it restarts automaticly the bug MUST be fixed.
On large servers with couple of hundred clients doing downloads a restart
would still
mean abort of data transfer.
2 processes watching each other is not new to me, but the main point is
still a stable server,
another process for watching is extremely usefull but no way out.
Microsoft should prepare a fix for IIS5.0 .

I would be glad Microsoft to make a statement about the past 2 bugs and
prepare fixes (or service packs as they call ;-} )
for "ida" and "idq" extension and built on that basic my Access Violation
produced with help of the
URL structure "domain./.......//......ida".

Danger:
The fact at this point is that it is possible to crash  IIS 5.0 and the
process must be restarted what means data loss at all clients connected.
On a CreditCard transaction / Stock Systems it would mean dramatic financial
loss.
The main danger is not, that a website with few hundred visitors will become
unavailable for some seconds, but if it is a SSL System
which handles transactions get's interrupted while datatransfer. Imagine you
sell shares for 200.000$ and your order get's interrupted you may loose a
_lot_ of money. Most transactionsystems are Unix but in the past more and
more NT Systems have been used for this kind
of business.

greets
Lark Lizerman



<SNIP>

I have 2 screenshots where 2 of the messages are displayed.
The system I have tried it out is a cluster where each backups the other

on

case of failure.

Because of that reason I can not guaranteed say if the process dies or

not,

because I got redirected to another server.

<SNIP>

IIS5 on Windows 2000 has a resilience system built in where if the
inetinfo.exe process crashes it will automatically restart - the program
that does this is %systemroot%\system32\iisreset.exe with a

/fail=failreason

option. This causes an errorlog to be written to the event log and IIS5 is
brought back up. This is good for websites that require maximum uptime.

Cheers,
David Litchfield
http://www.cerberus-infosec.co.uk/

Current thread:

MS IIS 5.0 Access Violation on handling URL String Lark Lizerman (Jan 13)
- Re: MS IIS 5.0 Access Violation on handling URL String Anthony Benjamin (Jan 14)
  - Re: MS IIS 5.0 Access Violation on handling URL String Imran Ghory (Jan 18)
- Re: MS IIS 5.0 Access Violation on handling URL String David Litchfield (Jan 15)
  - Re: MS IIS 5.0 Access Violation on handling URL String Lark Lizerman (Jan 15)
- Yahoo Pager/Messanger Buffer Overflow Jaynus Jaynus (Jan 16)
- <Possible follow-ups>
- Re: MS IIS 5.0 Access Violation on handling URL String Michael Howard (Jan 17)
- Re: MS IIS 5.0 Access Violation on handling URL String Michael Howard (Jan 18)