Security warning for Microsoft IIS 5.0

Tuesday 18 March 2003, 09:25 by the editorial staff, 3 comments

CERT has issued a security warning for Microsoft IIS 5.0. There is a buffer overflow in IIS 5.0 when it runs on Microsoft Windows 2000. IIS 5.0 is installed by default in Windows 2000 server products. The vulnerability allows an attacker to run malicious code on the affected machine. Installing the released patch is strongly recommended.

Microsoft security bulletin.

Microsoft patch for IIS 5.0.

CERT advisory.

Comments (3)
18-03-2003, 10:03 by Anonymous
Now we wait again for worms, DDoS bots and defacements. People still don't get it.
18-03-2003, 10:17 by Anonymous
http://www.securityfocus.com/advisories/3316

======================================================================
Defcom Labs Advisory def-2001-26

IIS WebDav Lock Method Memory Leak DoS

Author: Peter Gründl <peter.grundl@defcom.com>
Release Date: 2001-05-17
======================================================================
------------------------=[Brief Description]=-------------------------
The WebDav extensions for Internet Information Server 5.0 contain a
flaw that could allow a malicious user to consume all available memory
on the server.

------------------------=[Affected Systems]=--------------------------
- httpext.dll versions prior to 0.9.3940.21 (Windows 2000 SP2)

----------------------=[Detailed Description]=------------------------
The lock method contains a memory leak that will trigger if you send
it continuous requests for non-existing files. Eg.

LOCK /aaaaaaaaaaaaaaaaaaaaaaaaaa.htw HTTP/1.0

Eventually the server will run out of memory and run really slow, you
might argue that the server will then crash, reboot and return to
normal again, but there are a few things that can be done to determine
when you get close to filling up the server's memory, and then it is
just a matter of stopping, and the server won't free the memory. One
way is to combine the attack with asp executions, eg.

GET /iisstart.asp?uc=a HTTP/1.0

which of course requires the presence of iisstart.asp (but this is
just an example). The script will return execution errors when it
runs out of temporary space on the server to execute the .asp script
and that's when the server is almost out of memory.

---------------------------=[Workaround]=-----------------------------
The problem has been corrected in httpext.dll v.0.9.3940.21, which is
packaged with Windows 2000 Service Pack 2 and according to Microsoft:

"it will ship with each IIS5 hotfix that we release going forward
(and will be available for SP0, SP1, and SP2+.)"

You can find Service Pack 2 on Microsoft's webpage at:

http://www.microsoft.com/windows2000/downloads/servicepacks/sp2/default.asp

-------------------------=[Vendor Response]=--------------------------
This issue was brought to the vendor's attention on the 3rd of March,
2001, and the vendor released a patch on the 16th of May.

======================================================================
This release was brought to you by Defcom Labs

labs@defcom.com http://www.defcom.com
======================================================================


Regards,
ScreamOnline
Scream On The Internet!
ScreamOnl@hotmail.com
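
Added example (not part of the comment above or of the Defcom advisory): one way a defender could spot the request pattern the advisory describes, bursts of LOCK requests from a single client, in IIS W3C extended logs. The log lines, IP addresses, threshold and window are constructed assumptions; columns are located through the log's own `#Fields:` directive.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in IIS W3C extended log format (not from a real server).
SAMPLE_LOG = "\n".join(
    ["#Software: Microsoft Internet Information Services 5.0",
     "#Fields: date time c-ip cs-method cs-uri-stem",
     "2003-03-18 10:00:01 192.0.2.10 GET /default.htm",
     "2003-03-18 10:00:01 192.0.2.10 LOCK /docs/report.doc"]
    + [f"2003-03-18 10:00:{s:02d} 198.51.100.7 LOCK /aaaaaaaaaaaaaaaaaaaaaaaaaa.htw"
       for s in range(2, 8)]
    + ["2003-03-18 10:05:00 192.0.2.10 LOCK /docs/report.doc"]
)

def parse_w3c(text):
    """Yield one dict per request, using the '#Fields:' directive for column order."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # directive may change mid-file
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):      # skip truncated or malformed rows
                yield dict(zip(fields, parts))

def lock_bursts(text, threshold=5, window=timedelta(seconds=10)):
    """Return {client_ip: peak LOCK count in any window} for clients >= threshold."""
    stamps_by_ip = defaultdict(list)
    for row in parse_w3c(text):
        if row.get("cs-method", "").upper() == "LOCK":
            ts = datetime.strptime(f"{row['date']} {row['time']}", "%Y-%m-%d %H:%M:%S")
            stamps_by_ip[row["c-ip"]].append(ts)
    flagged = {}
    for ip, stamps in stamps_by_ip.items():
        stamps.sort()
        start = peak = 0
        for end, ts in enumerate(stamps):      # sliding window over sorted timestamps
            while ts - stamps[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[ip] = peak
    return flagged

if __name__ == "__main__":
    for ip, peak in lock_bursts(SAMPLE_LOG).items():
        print(f"{ip}: {peak} LOCK requests within 10 s")
```

A normal WebDAV client that locks a document now and then stays below the threshold; tune `threshold` and `window` to the server's legitimate WebDAV traffic.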
18-03-2003, 13:21 by Anonymous
Originally posted by Unregistered
http://www.securityfocus.com/advisories/3316



There is already an exploit for it, with which several .mil domains have been attacked, according to MSNBC


Regards,
ScreamOnline
Scream On The Internet!
ScreamOnl@hotmail.com
This post is locked. Commenting is no longer possible.