Patch for the "Microsoft IIS False Content-Length Field DoS Vulnerability" (bid 3667)

["Bob at firstcodings" <bob () firstcodings com>]

 Hi members,

I think no patch has been released at this day.... so, I wrote one myself
using ISAPI filters.
As I understood RFCs, a hit generated by a "GET" method, does not need the
"Content-Length:" header. If this is true, I think my filter is correct.

The page is http://bob.firstcodings.com/programs/dropcontentlengthget/
(source code is included). For now, please consider this filter as "beta
release".
I installed this filter on a production server which has an average load :
after 2 days and at this point, all is fine. Above all, exploit described in
bid 3667 does not work anymore.

Thanks to email me at "dropContentLengthGet () firstcodings net" for any
comments/feedbacks/suggestions about this filter.


Bob - firstcodings.
P.S : my english may not be correct, sorry :)