|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA18106] Microsoft IIS Malformed URL Potential Denial of Service Vulnerability
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Mon Dec 19 2005 - 07:02:14 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
Microsoft IIS Malformed URL Potential Denial of Service Vulnerability
SECUNIA ADVISORY ID:
SA18106
VERIFY ADVISORY:
http://secunia.com/advisories/18106/
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
From remote
OPERATING SYSTEM:
Microsoft Windows XP Professional
http://secunia.com/product/22/
SOFTWARE:
Microsoft Internet Information Services (IIS) 5.x
http://secunia.com/product/39/
DESCRIPTION:
Inge Henriksen has discovered a vulnerability in Microsoft Internet
Information Services (IIS), which potentially can be exploited by
malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the handling of
certain malformed URL. This can be exploited to cause the IIS service
to crash.
Example:
http://[host]/[dir]/.dll/%01~0
Successful exploitation requires that "[dir]" is a virtual directory
that is configured with "Scripts & Executables" execution
permissions.
Note: IIS will automatically restart after the crash.
The vulnerability has been confirmed in IIS 5.1 on a full patched
version of Microsoft Windows XP SP2.
SOLUTION:
Filter potential malicious characters or character sequences with a
HTTP proxy.
IIS 5.0 and 6.0 are reportedly not affected.
PROVIDED AND/OR DISCOVERED BY:
Inge Henriksen
ORIGINAL ADVISORY:
http://ingehenriksen.blogspot.com/2005/12/microsoft-iis-remote-dos-dll-url.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]