Re: MS IIS 5.0 Access Violation on handling URL String

[mikehow () MICROSOFT COM (Michael Howard)]

this is by design - the call inside iis is wrapped in an exception
handler and reporting the error. kinda like this:

try {
    char *pF = NULL;
    *pF = "Hello, there!";
} catch {
    // oops! there was an error
}

Cheers, Michael Howard
Windows 2000 Security
Got an 'Access Denied' problem? Check the appropriate logs first!

-----Original Message-----
From: Lark Lizerman [mailto:webmaster () DOC2000 DE]
Sent: Thursday, January 13, 2000 7:06 PM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: MS IIS 5.0 Access Violation on handling URL String

Description:

MS IIS 5.0 has problems handling a specific form of URL ending with
"ida".
The extension ida has been taken from the Bugtraq posting "IIS revealing
webdirectories"
The problem causes 2 kind of results.
The one result is that the server responds with a message like
"URL String too long"; "Cannot find the specified path"

The other error causes the server to terminate with an Access Violation.
When the server "Access violates" it displays as last message:

File
d:\http\................................................................
........................................................................
........................................................................
............................................???????.
Error 0xc0000005 caught while processing query

<snip>

<HR NOSHADE>
<UL>
<LI>application/x-pkcs7-signature attachment: smime.p7s
</UL>