IIS 4 Denial of Service Reported February 20, 2000 by valentijn It is possible to cause a denial of service condition against IIS by manipulating file names within the SMTP service"s directory structure. By creating a file name of more than 85 characters in length within the "\mailroot\pickup" directory, the mail server will generate an error and crash the INETINFO service, which supports IIS. In addition, as long as the file remains in place IIS cannot start up properly. To restore service the file must be removed. DEMONSTRATION This demonstration code runs on the server side, which means you need a means to get the code on the server to begin with. This may imply a rather low risk since its hard to get foreign code on to a remote server, but consider a scenario that involves an ISP that routinely allows ASP code to be installed on private sites. <script> VENDOR RESPONSE
CREDITS |
IIS 4 Denial of Service
0 comments
Hide comments