Registry Change Might Prevent DoS Attack; Unchecked Buffer Vulnerability

Registry Change Might Prevent DoS Attack
A new Microsoft article recommends that customers using either IIS 4.0 with Service Pack 5 (SP5) or newer or IIS 5.0 modify a Registry setting that might help stave off one type of Denial of Service (DoS) attack. The Microsoft article " Description of the MaxClientRequestBuffer Registry Value" describes the MaxClientRequestBuffer value. Note that the article doesn't really suggest a value. You can arbitrarily find which value works best for you based on the maximum size of your incoming client HTTP request header. (For me, 512 bytes was more than adequate.)

Unchecked Buffer Vulnerability
Microsoft noted that two components that ship with IIS 4.0, Microsoft Personal Web Server 4.0, and Microsoft FrontPage 97 and 98 Server Extensions—htimage.exe and imagemap.exe—contain unchecked buffers that, if overrun, might let users execute code in their own security context. There is no elevation of privileges, and crashing the Web server isn't possible with this vulnerability because the malicious code executes in the user’s own security context and out of process. Click here for more information about this vulnerability.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.