Re: Alert: Microsoft Security Bulletin - MS03-018
From: Steve Shockley (steve.shockley_at_SHOCKLEY.NET)
Date: 05/29/03
- Previous message: Marc Maiffret: "Re: Alert: MS03-019, Microsoft... wrong, again."
- In reply to: Russ: "Alert: Microsoft Security Bulletin - MS03-018"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 29 May 2003 01:07:39 -0400 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
> - A denial of service vulnerability that results because IIS 5.0 and
> 5.1 do not correctly handle an error condition when an overly long
> WebDAV request is passed to them. As a result an attacker could cause
> IIS to fail - however both IIS 5.0 and 5.1 will by default restart
> immediately after this failure.
Will the Buffer Size Registry Tool
(http://microsoft.com/downloads/details.aspx?FamilyId=48B3A74E-A4AF-41D6-BDE
C-1B6104648647&displaylang=en) function as a workaround for this problem?
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Delivery co-sponsored by TruSecure
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
FREE 14-DAY TRIAL of New Threat & Vulnerability Notification Service
TruSecure's new IntelliShield(tm) web-based threat and vulnerability
service isn't your typical alert service. Supported by TruSecure's vast
intelligence resources - including the ICSA Labs - IntelliShield's early
warning, analysis, decision support, and threat management tools provide
organizations with unmatched intelligence to better protect critical
information assets. Experience it for yourself - just click below to begin
your FREE, NO OBLIGATION 14-day trial today!
http://www.trusecure.com/offer/s0074/
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Previous message: Marc Maiffret: "Re: Alert: MS03-019, Microsoft... wrong, again."
- In reply to: Russ: "Alert: Microsoft Security Bulletin - MS03-018"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
