Home page logo

bugtraq logo Bugtraq mailing list archives

Re: VIGILANTE-2000009: "Invalid URL" DoS
From: Alexander Ivantchev <aivantchev () BIVWOOD COM>
Date: Thu, 7 Sep 2000 12:12:52 -0400

The link referring to the patch, however (both the i386 and the Alpha
versions) seems to be dead... Has the patch been recalled and is there an
alternate download location?

Peter Gründl wrote:

"Invalid URL" DoS

Advisory Code:   VIGILANTE-2000009

Release Date:
September 6, 2000

Systems Affected:
- Internet Information Server 4.0 for Windows NT 4.0
- Possibly Windows NT 4.0 in general (read Microsoft's note)

A certain series of requests can cause INETINFO.EXE to gradually
consume all system ressources (99-100% CPU and all memory). When
the pagefile can't expand any further, INETINFO.EXE is killed by
the operating system, with possibly a dialogue box on your screen
stating that the system is running low on virtual memory. During
testing it was found that usually you wouldn't even see this box.
It requires a restart of the www service for IIS to start working
Initially we believed this to be a problem with IIS, but Microsoft
has pointed out that this is a problem within Windows NT 4.0 (which
might explain why we couldn't reproduce it on Internet Information
Server 5.0). For this reason, you should probably consider applying
the patch on any production environments, running on Windows NT 4.0.

Vendor Status:
Initially reported on the 16th of May this year. Microsoft has
released the following bulletin concerning the issue, including a

Windows NT 4.0 Workstation, Server and Server, Enterprise Edition:

Windows NT 4.0 Server, Terminal Server Edition: To be released shortly

Vendor   URL: http://www.microsoft.com
Internet Information Server 4.0 URL:

Copyright VIGILANTe 2000-03-16

The information within this document may change without notice. Use of
this information constitutes acceptance for use in an AS IS
condition. There are NO warranties with regard to this information.
In no event shall the author be liable for any consequences whatsoever
arising out of or in connection with the use or spread of this
information. Any use of this information lays within the user's

Please send suggestions, updates, and comments to:

mailto: swat () vigilante com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]