Reported December 22, 2000 by Microsoft
Microsoft FrontPage Server Extensions, which ship with Windows NT 4.0 and Windows 2000 Server, are vulnerable to a remote Denial of Service (DoS) attack. Due to the way FrontPage Server Extensions process Web forms, a malicious user can cause Microsoft IIS to stop responding by supplying malformed data to one of the FrontPage Server Extension objects. VENDOR RESPONSE Microsoft has released security bulletin MS00-100 and patches to address the issue. For IIS 5.0 - http://download.microsoft.com/download/win2000platform/Patch/q280322/NT5/EN-US/Q280322_W2K_SP2_x86_en.EXE For IIS 4.0 - http://download.microsoft.com/download/winntsrv40/Patch/q280322/NT4/EN-US/Q280322i.EXE CREDIT |
IIS Vulnerable to DoS Attack via FrontPage Extensions
0 comments
Hide comments