Re: Patch for the "Microsoft IIS False Content-Length Field DoS Vulnerability" (bid 3667)

From: Ivan Hernandez (ivan.hernandez@globalsis.com.ar)
Date: 03/06/02


Date: Wed, 06 Mar 2002 15:41:11 -0300
From: Ivan Hernandez <ivan.hernandez@globalsis.com.ar>
To: Bob at firstcodings <bob@firstcodings.com>

Your understood is correct. Your patch would solve the problem correctly !

Ivan Hernandez

Bob at firstcodings wrote:

> Hi members,
>
>I think no patch has been released at this day.... so, I wrote one myself
>using ISAPI filters.
>As I understood RFCs, a hit generated by a "GET" method, does not need the
>"Content-Length:" header. If this is true, I think my filter is correct.
>
>The page is http://bob.firstcodings.com/programs/dropcontentlengthget/
>(source code is included). For now, please consider this filter as "beta
>release".
>I installed this filter on a production server which has an average load :
>after 2 days and at this point, all is fine. Above all, exploit described in
>bid 3667 does not work anymore.
>
>Thanks to email me at "dropContentLengthGet@firstcodings.net" for any
>comments/feedbacks/suggestions about this filter.
>
>
>Bob - firstcodings.
>P.S : my english may not be correct, sorry :)
>
>



Relevant Pages

  • Re: Patch for the "Microsoft IIS False Content-Length Field DoS Vulnerability" (bid 3667)
    ... Bob at firstcodings wrote: ... >I think no patch has been released at this day.... ... please consider this filter as "beta ...
    (Vuln-Dev)
  • Re: XPe SP2 with Domain Participation losing after 30 days
    ... Debbie, ... I knew about the new Filter but I didn't know it was officially released. ... I didn't know the EWF Registry filter patch was officially released. ... I do know that EWF version in SP2 does not have the functionality of the Registry filter. ...
    (microsoft.public.windowsxp.embedded)
  • Re: [PATCH] allow root to modify raw scsi command permissions list
    ... > My patch leaves the defaults as what are currently in the kernel. ... Yes but what I wanted to say the filter currently in the kernel is not ... purpose of giving read/write permissions in this case. ... The starting point must be safe and it can be relaxed. ...
    (Linux-Kernel)
  • Re: Autofilter with Subtotal Sumif
    ... "Bob Phillips" wrote: ... Which are to filter on any name. ... See a sum of that name's No amounts which in my example ... You could I change the "Sheri" part of Laurent Longre's formula to ...
    (microsoft.public.excel.worksheet.functions)
  • Re: Inserting a HPGL Picture in Word 2007
    ... Thanks very much for your helpful reply Bob - ... The filter we used was "signed" byone of the two 3rd parties you mentioned ... The MS HP Graphics Language interpreter/ filter, HPGLIm32.FLT, was written ... WordPerfect also had an HPGL Import Filter written by Imagestream/Inso ...
    (microsoft.public.word.drawing.graphics)