Microsoft IIS URL Access Violation DoS

2002-04-10T00:00:00
ID OSVDB:3326
Type osvdb
Reporter OSVDB
Modified 2002-04-10T00:00:00

Description

Vulnerability Description

IIS contains a flaw that may allow a remote denial of service. The issue is caused by an ISAPI filter which generates an error upon receiving a URL request that is too large. Exploitation of this vulnerability will result in loss of availability for the IIS service.

Technical Description

The only known filter that exhibits this flaw is contained within FrontPage Server Extensions and ASP.NET.

Solution Description

Install Patch Q319733, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workarounds:

  1. Disable ASP.NET, which is not installed by default.

  2. Uninstall FrontPage Server Extensions.

References:

  - Vendor Specific Solution URL: http://www.microsoft.com/downloads/search.aspx?opsysid=1&search=Keyword&value='security_patch'&displaylang=en
  - Vendor Specific Advisory URL
  - Other Advisory URL: http://www.nipc.gov/warnings/advisories/2002/02-002.htm
  - Other Advisory URL: http://xforce.iss.net/xforce/alerts/id/advise114
  - Other Advisory URL: http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0012.html
  - Nessus Plugin ID: 10937
  - Microsoft Security Bulletin: MS02-018
  - Microsoft Knowledge Base Article: 314339
  - Microsoft Knowledge Base Article: 319733
  - ISS X-Force ID: 8800
  - CVE-2002-0072
  - CIAC Advisory: M-066
  - CERT VU: 521059
  - CERT: CA-2002-09
  - Bugtraq ID: 4479