Penetration Testing mailing list archives

Re: [PEN-TEST] iis 4.0 pen-test

From: Thomas Reinke <reinke () E-SOFTINC COM>
Date: Thu, 22 Feb 2001 17:12:33 -0500

Nessus test ID 10119,
http://www.securityspace.com/smysecure/catid.html?id=10119

Microsoft Security Bulletin
http://www.microsoft.com/security/bulletins/ms99-029.asp

"van der Kooij, Hugo" wrote:


On Thu, 22 Feb 2001, Sean wrote:

i'm pen-testing an iis 4.0 box; the following get req.
crashed the server (stopped responding to http reqs
and rpc comms stopped to - could still ping it and
processor and mem were normal).

GET /...*/text.txt - 404 123 623 316 10 443 HTTP/1.1
Mozilla/4.0+blahblahblah

any idea what patch fixes this one or what vuln it is?


Why don't you check out the nessus site? (http://www.nessus.org/)

Hugo.

--
Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ  Maasland
hvdkooij () caiw nl        http://home.kabelfoon.nl/~hvdkooij/
--------------------------------------------------------------
This message has not been checked and may contain harmfull content.


--
------------------------------------------------------------
Thomas Reinke                            Tel: (905) 331-2260
Director of Technology                   Fax: (905) 331-2504
E-Soft Inc.                         http://www.e-softinc.com
Publishers of SecuritySpace     http://www.securityspace.com

Current thread:

[PEN-TEST] iis 4.0 pen-test Sean (Feb 22)
- Re: [PEN-TEST] iis 4.0 pen-test van der Kooij, Hugo (Feb 22)
  - Re: [PEN-TEST] iis 4.0 pen-test Thomas Reinke (Feb 22)
- <Possible follow-ups>
- Re: [PEN-TEST] iis 4.0 pen-test Sean (Feb 24)