Encoding Post Vulnerability; A New Registry Security Tool

Chunked Encoding Post Vulnerability in IIS 4.0
Microsoft issued Security Bulletin MS00-018, which outlines the new Chunked Encoding Post vulnerability in IIS 4.0. This vulnerability lets a malicious user perform a Denial of Service (DoS) attack against a Web server. The attack exploits buffered memory for PUT and power-on self test (POST) operations by absorbing memory allocated to the Web server. The attack can eventually prevent the Web server from performing normally. For more information about this vulnerability and a patch, go to http://www.microsoft.com/technet/security/bulletin/ms00-018.asp.

Microsoft Releases Registry Security Tool
Earlier this month, Microsoft released a Registry tool designed to tighten permissions on Windows NT 4.0 Registries in order to eliminate potential vulnerabilities. For more information, see Microsoft Security Bulletin (MS00-008).

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish