iisDoS.txt

2003-05-29T00:00:00
ID PACKETSTORM:31179
Type packetstorm
Reporter SPI Labs
Modified 2003-05-29T00:00:00

Description

                                        
Internet Information Services 5.0 Denial of Service  
  
[Release Date] May 29th, 2003  
Severity: High  
  
[Systems Affected]  
* Microsoft Information Server 5.0  
* Microsoft Information Server 5.1  
  
[Description]  
  
If an attacker sends a WebDAV request with a body over 49,153 bytes  
using the 'PROPFIND' or 'SEARCH' request methods, IIS will be forced  
to restart itself. All web server, email, and active FTP connections  
will be terminated, and new sessions will be disrupted for as long as  
it takes IIS to restart. The complete advisory is also available from  
our website at: http://www.spidynamics.com/iis_alert.html  
  
[Remediation]  
Please install the vendor-supplied patch located at  
http://www.microsoft.com/technet/security/bulletin/MS03-018.asp  
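
To check whether requests matching the description above have reached a server, the following added example (not part of the SPI Labs advisory) scans a W3C extended-format log for PROPFIND or SEARCH requests larger than the stated size. It assumes the optional cs-bytes field is logged; the function name and the sample log lines are constructed for illustration.

```python
# Added example: flag oversized WebDAV PROPFIND/SEARCH requests in W3C extended logs.
BODY_LIMIT = 49153                      # body size from the advisory, in bytes
WEBDAV_METHODS = {"PROPFIND", "SEARCH"}

# Constructed sample log; assumes the optional cs-bytes field is enabled.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status cs-bytes
2003-05-30 10:01:02 192.0.2.10 GET /index.html 200 312
2003-05-30 10:01:05 192.0.2.11 PROPFIND /docs/ 207 1480
2003-05-30 10:01:09 192.0.2.66 PROPFIND / 500 65802
2003-05-30 10:01:30 192.0.2.66 SEARCH / 500 70011
2003-05-30 10:02:00 192.0.2.12 POST /upload.asp 200 90000
2003-05-30 10:02:04 192.0.2.13 SEARCH /docs/ 207 -
"""

def find_oversized_webdav(log_text, limit=BODY_LIMIT):
    """Return (date, time, client, method, uri, bytes) for suspicious requests."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            # The field list can change mid-file, so re-read it each time.
            fields = line.split()[1:]
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        values = line.split()
        if len(values) != len(fields):
            continue                    # truncated or malformed line
        row = dict(zip(fields, values))
        method = row.get("cs-method", "").upper()
        size = row.get("cs-bytes", "-")
        if method not in WEBDAV_METHODS or not size.isdigit():
            continue                    # other method, or size not recorded
        # cs-bytes counts headers plus body, so it is an upper bound on the
        # body size: no oversized body is missed, at the cost of a few
        # false positives just above the limit.
        if int(size) > limit:
            hits.append((row.get("date"), row.get("time"), row.get("c-ip"),
                         method, row.get("cs-uri-stem"), int(size)))
    return hits

if __name__ == "__main__":
    for hit in find_oversized_webdav(SAMPLE_LOG):
        print(hit)
```

The same method and size test can be applied as a request filter in front of unpatched servers until MS03-018 is installed.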
  
[Contact Information]  
  
SPI Labs  
SPI Dynamics R&D Team  
spilabs@spidynamics.com  
115 Perimeter Center Place  
Suite 270  
Atlanta, GA 30346  
Phone: (678)781-4800  
Toll-Free Phone: (866)774-2700  
  
  
SPI Dynamics was founded in 2000 by a team of accomplished Web security  
specialists; SPI Dynamics is the leader in Web application security  
technology. With such signature products as WebInspect, SPI Dynamics is  
dedicated to protecting companies' most valuable assets. SPI Dynamics has  
created a new breed of Internet security products for the Web application,  
the most vulnerable yet least secure component of online business  
infrastructure.  
  
Copyright (c) 2003 SPI Dynamics, Inc. All rights reserved worldwide.  
  